[Bro-Dev] [JIRA] (BIT-1506) Bro fails to build on OS X 10.11 (El Capitan) due to OpenSSL header removal
Adam Slagell (JIRA)
jira at bro-tracker.atlassian.net
Wed Nov 11 10:08:00 PST 2015
[ https://bro-tracker.atlassian.net/browse/BIT-1506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=22814#comment-22814 ]
Adam Slagell commented on BIT-1506:
-----------------------------------
I think it is actually more complicated, and we have several options.
First, they still ship openssl 0.9.8 and maintain updates to it. This is what ssh on 10.11 uses. So if we have someone bring in their own version, they have to deal with multiple versions and keep openssl up-to-date themselves. I don't worry about that for SWIG, but I do worry about it openssl's track record on security. Especially since most of these package managers like fink, mac ports, and homebrew don't stay on top of updates.
We could bring our own 0.9.8 headers and rely on Apple to update openssl the next time there is a critical update.
We could also compile statically for the binaries we provide and leaving those who compile on their own, but that is owning someone else's problem in a not very maintainable way.
I don't know, I kind of lean towards bringing our own header for Mac, but I don't like any of the solutions. Maybe it is just the users problem to install and update openssl.
> Bro fails to build on OS X 10.11 (El Capitan) due to OpenSSL header removal
> ---------------------------------------------------------------------------
>
> Key: BIT-1506
> URL: https://bro-tracker.atlassian.net/browse/BIT-1506
> Project: Bro Issue Tracker
> Issue Type: Problem
> Components: Bro
> Affects Versions: 2.4
> Reporter: Vlad Grigorescu
> Fix For: 2.5
>
>
> It looks like Apple removed the OpenSSL headers with El Capitan[1] (OS X
> 10.11), and now Bro fails to build on OS X. Apple's recommendation is
> that we either include a copy of OpenSSL ourselves or we use their
> Secure Transport API.
> [1] - <https://lists.apple.com/archives/macnetworkprog/2015/Jun/msg00025.html>
--
This message was sent by Atlassian JIRA
(v7.0.0-OD-08-005#70107)
More information about the bro-dev
mailing list