Compiling Net::SSLeay with SSLv2 Support

hardwarefresser has asked for the wisdom of the Perl Monks concerning the following question:

Dear Pearlmonks,

I need Net::SSLeay with SSLv2 and SSLv3 support to do some SSL-checks. There is a guide in the interweb (http://www.techstacks.com/howto/enable-sslv2-methods-in-netssleay.html)

I followed the guide step by step and got an error after performing the "make" command.

root@Kali:/media/sf_interVM/Net-SSLeay-1.72# make
Skip blib/lib/Net/SSLeay.pod (unchanged)
Skip blib/lib/Net/SSLeay.pm (unchanged)
Skip blib/lib/Net/SSLeay/Handle.pm (unchanged)
Running Mkbootstrap for Net::SSLeay ()
chmod 644 SSLeay.bs
cc -c  -I/usr/include -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fwrapv -fno
+-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FI
+LE_OFFSET_BITS=64 -O2 -g   -DVERSION=\"1.72\" -DXS_VERSION=\"1.72\" -
+fPIC "-I/usr/lib/x86_64-linux-gnu/perl/5.20/CORE"   SSLeay.c
SSLeay.xs: In function ‘XS_Net__SSLeay_CTX_v2_new’:
SSLeay.xs:1410:28: warning: passing argument 1 of ‘SSL_CTX_new’ makes 
+pointer from integer without a cast
      RETVAL = SSL_CTX_new (SSLv2_method());
                            ^
In file included from SSLeay.xs:167:0:
/usr/include/openssl/ssl.h:1693:10: note: expected ‘const struct SSL_M
+ETHOD *’ but argument is of type ‘int’
 SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
          ^
SSLeay.c: In function ‘XS_Net__SSLeay_SSLv2_method’:
SSLeay.c:8366:9: warning: assignment makes pointer from integer withou
+t a cast
  RETVAL = SSLv2_method();
         ^

^CMakefile:356: recipe for target 'SSLeay.o' failed
make: *** [SSLeay.o] Unterbrechung
[download]

can anybody give me a hint? I use Kali Linx 2 with SSLv2 enabled on openssl (openssl s_client connections work with SSLv2)

Thanks a lot!

Comment on Compiling Net::SSLeay with SSLv2 Support Download Code

Replies are listed 'Best First'.
Re: Compiling Net::SSLeay with SSLv2 Support by syphilis (Archbishop) on Oct 19, 2015 at 23:00 UTC
Firstly, I don't see what's causing the failure. There's 2 warnings, but warnings aren't fatal unless flagged to be so - and I see no such flag in the command that was run. Perhaps the "note" is fatal. I don't know - it doesn't sound fatal.... Update: Heh ... as Anonymous has pointed out, ^C is fatal. Looking in openssl/ssl.h, it seems that OPENSSL_NO_SSL2 will be defined automatically only if OPENSSL_NO_RSA or OPENSSL_NO_MD5 are defined. I'm therefore thinking that if you build openssl without either of those being defined then SSLv2 will be enabled, by default, both in the openssl library and in Net::SSLeay. In the Net-SSLeay-1.72 "Changes" file I found an indication that SSLv2 support is deprecated. But that means SSLv2 support is still available. "Deprecation", AIUI, is just a notification that it's discouraged and may be removed at a future date. (I'm not an expert in this but :-) Cheers, Rob	[reply]
Re: Compiling Net::SSLeay with SSLv2 Support by hardwarefresser (Initiate) on Oct 20, 2015 at 14:02 UTC
Hello everybody! I solved the problem. My underlying openssl-Version dos not support SSLv2. This is what caused the error. I recompiled openssl with sslv2 support. Now I don't get the errors anymore. Thanks a lot for your help!	[reply]
Re: Compiling Net::SSLeay with SSLv2 Support by u65 (Chaplain) on Oct 19, 2015 at 21:10 UTC
Welcome, hardwarefresser. Have you tried installing the module via CPAN? If that doesn't work, I'm guessing you may have to install a more recent OpenSSL.	[reply]
Re^2: Compiling Net::SSLeay with SSLv2 Support by hardwarefresser (Initiate) on Oct 20, 2015 at 07:37 UTC
Yes, the installation via CPAN works, but the support for SSLv2 and SSLv3 is disabled. That's why I do the installation manually. My current openssl-version is 1.0.1k.	[reply]
Re: Compiling Net::SSLeay with SSLv2 Support by Anonymous Monk on Oct 19, 2015 at 22:51 UTC
can anybody give me a hint? Why did you stop make? That ^C means you typed Ctrl+C and killed the process ... why did you interrupt it?	[reply]