Bitcoin Forum
June 23, 2021, 11:38:15 PM *
News: Latest Bitcoin Core release: 0.21.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: 1 2 [All]
  Print  
Author Topic: Bounty : OpenSSL with EC for Fedora/RH/CentOS : 3.6 BTC  (Read 13629 times)
Tuxavant
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000

Bitcoin Mayor of Las Vegas


View Profile WWW
June 03, 2012, 11:01:18 PM
 #1

http://bitquestion.com/question/8

Quote
I would like someone to explain exactly how to build OpenSSL with EC on Fedora and make it available in RPM format in a personal repository. This is specifically to help Fedora users more easily build Bitcoin applications.

I need the following documented or explained:

Build OpenSSL with EC
Create/configure/maintain a .spec file
Build the OpenSSL RPM so that it is compatible with the existing Fedora OpenSSL version.
Generate/publish a PGP key for use in authenticating releases
Creating a repository and publishing the rpm

I can build the current version of OpenSSL source code. I am currently stuck at interpreting what needs to be done with the .spec file downloaded from the Fedora repository (/fedora/linux/updates/16/SRPMS/openssl-1.0.0j-1.fc16.src.rpm)

1624491495
Hero Member
*
Offline Offline

Posts: 1624491495

View Profile Personal Message (Offline)

Ignore
1624491495
Reply with quote  #2

1624491495
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
June 07, 2012, 07:14:39 AM
Last edit: June 07, 2012, 07:36:14 AM by kano
 #2

I wanted to do this today ... and googled ... and found nothing useful ... and googled more ... and found this page ... and since googling gave me no actual answers ...
I did it myself.

Code:
Build openssl-1.0.0j with EC on fc16
------------------------------------

All this is run from root.

1) Find the correct SRC RPM

Update fc16 to the latest everything and get
 openssl-1.0.0j-1.fc16.src.rpm
from any mirror

or later if there is a later version
(this was written 7-Jun-2012)

N.B. these details are specific for openssl-1.0.0j
but most developers should be able to adapt this to later versions

2) rpm -Uvh openssl-1.0.0j-1.fc16.src.rpm

3) cd ~/rpmbuild/SPECS

4) vim openssl.spec

look for "./Configure" at the start of a line
(in 1.0.0j-1.fc16 it is line 219)
about 3 lines down from that you will see:
 enable-cms enable-md2 no-idea no-mdc2 no-rc5 no-ec no-ecdh no-ecdsa \
change it to look like:
 enable-cms enable-md2 no-idea no-mdc2 no-rc5 enable-ec enable-ecdh enable-ecdsa \

search for
 Source1: hobble-openssl
(line 29) and change it (comment it out) to:
 #Source1: hobble-openssl

search for
 %{SOURCE1} > /dev/null
(line 133) and change it (comment it out) to:
 #%{SOURCE1} > /dev/null

go back to the top and increase "Release:"

line 24 increment the "Release:" number
e.g. change
 Release: 1%{?dist}
to
 Release: 2%{?dist}

5) install rpm-build
yum install rpm-build

6) cd ~/rpmbuild/SOURCES/

in ~/rpmbuild/SOURCES/ there is a file called "openssl-1.0.0j-usa.tar.xz"

rename it to "openssl-1.0.0j-usa.tar.xz.orig" (or whatever else you like)

get a full replacement for the tar file, at http://www.openssl.org/source/

 http://www.openssl.org/source/openssl-1.0.0j.tar.gz

and put it in the directory: ~/rpmbuild/SOURCES/

then rename it to "openssl-1.0.0j-usa.tar.xz"

7) cd ~/rpmbuild/SPECS

 rpmbuild -bb openssl.spec

8) You now have the RPM files you need in ~/rpmbuild/RPMS/*/

FIN
I did this coz I wanted to build vanitygen (and it failed before I did this)

So in my ~/rpmbuild/RPMS/x86_64/ directory I did:

 rpm -Uvh openssl-1.0.0j-2.fc16.x86_64.rpm openssl-devel-1.0.0j-2.fc16.x86_64.rpm

and now vanitygen builds (and runs) fine.

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
June 07, 2012, 07:18:06 AM
 #3

I wonder how popular this page will become now with Fedora people Smiley
Since there really is no one who has written this, that is easy to find on the net, for the last 7+ years this issue has existed ...

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
Tuxavant
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000

Bitcoin Mayor of Las Vegas


View Profile WWW
June 07, 2012, 11:23:50 AM
Last edit: June 07, 2012, 11:35:48 AM by Tuxavant
 #4

excellent work!

I had a discussion with a guy in #Fedora-dev who helped me out and gave me nearly the same instructions. I have been planning on giving it a go, but it's just been too busy.

Here's the overview of the discussion we had. We should compare notes and take it to the end - through setting up a repo. I may have some time to work on this today.

Quote
<wolfy> it's almost 3 AM over here so I will not be staying much longer
<wolfy> so let me tell you the basic stept
<wolfy> steps
<wolfy> 1. yum install fedora-packager
<wolfy> 2. decide what user you will use to build packages as. I use my normal user account
<wolfy> do not ever build as root
<wolfy> install mock
<wolfy> become the user you want to build as ( su - THATUSER)
<wolfy> run rpmdev-setuptree
<wolfy> download the openssl.src.rpm from fedora
<wolfy> rpm -i openssl.src.rpm ( this step will explode the src and allow you to later edit the spec )
<wolfy> download the original source
<wolfy> edit ~/rpmbuild/SPECS/openssl.spec
<wolfy> replace the file name in SOURCE0 with the name of the downloaded original
<wolfy> add a line in front of the %changelog section , using the same format as the existing ones
<wolfy> and put in there the new version and the comments that you seem fit for the changelog
<wolfy> ah, also, do not forget to edit the version and release fields from the top of the spec file, make them coincide with the name of the new source
<wolfy> save the spec file
<wolfy> run rpmbuild -bs  ~/rpmbuild/SPECS/openssl.spec
<wolfy> this will create a new src.rpm
<wolfy> let's say it's called  ~/rpmbuild/SRPMS/newopenssl.src.rpm
<wolfy> run mock -r fedora-16-x86_64 ~/rpmbuild/SRPMS/newopenssl.src.rpm
<wolfy> and come back to me with the issues that you face
<wolfy> ah
<wolfy> one more thing
<wolfy> you need to add the user that you will use to build to the group mock
<wolfy> after installing mock
<wolfy> otherwise mock will refuse to run


Ultimately I plan on hosting an openssl repository 'with signatures n shit' to make it even easier for people to use EC on Fedora.

kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
June 07, 2012, 12:24:17 PM
 #5

Yeah if you really wanted to give out RPM's to other people you'd also (as mentioned above by wolfy) change the "Source:" file name from "openssl-%{version}-usa.tar.xz" to "openssl-%{version}.tar.gz" in the spec file, so you can simply just grab the file from
http://www.openssl.org/source/
and create a new src.rpm using that gz file instead of the RedHat 'usa' file

The differences between the two tar files are that all the files related to the "patent" issue are present but empty in the 'usa' file.

From my reading about the issues with ECC now, I'd expect this problem to go away soon - as soon as RedHat legal gets off their asses and say something about it
The patent is already shown to not be valid in this case ... and even if for some stupid reason some typically zero intelligence judge did say the patent covers this, well it expires this year anyway from what I've read.

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
Tuxavant
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000

Bitcoin Mayor of Las Vegas


View Profile WWW
June 07, 2012, 12:27:57 PM
 #6

The patent is already shown to not be valid in this case ... and even if for some stupid reason some typically zero intelligence judge did say the patent covers this, well it expires this year anyway from what I've read.

That's great news! Even so, this will prove to be a very enlightening and educational experience for me as I've wanted to help maintain other packages too. This ECDSA thing has motivate me to finally learn how this stuff works.

marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3584
Merit: 1764



View Profile
June 07, 2012, 09:45:45 PM
Last edit: June 07, 2012, 11:51:46 PM by marcus_of_augustus
 #7

We need this in several places for Fedora (other RH-derivative) uses ... I can probably contribute.

kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
June 07, 2012, 10:35:57 PM
 #8

Well it's all there - I'm not sure what else is wanted since it's a simple google to get:
e.g. how to sign an RPM: http://www.rpm.org/max-rpm/s1-rpm-pgp-signing-packages.html

and if you mean a Yum repo - that's just 'createrepo -q .' in the directory above the repo and create a whatever.repo to point to it
(just like the repos in /etc/yum.repos.d/

Anyway those 2 bits of info are straight forward, the trick was to simply notice that the redhat usa tar file could be replaced by the official tar file (with some changes to the spec file and enabling the needed cryptos) and then it compiles without problems.

I guess you could even enable idea, rc5 and mdc2 if anyone wanted them also

I've been running vanitygen last night and imported a generated address into my wallet and that imported without any errors.

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
Tuxavant
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000

Bitcoin Mayor of Las Vegas


View Profile WWW
June 07, 2012, 11:06:00 PM
 #9

Well it's all there - I'm not sure what else is wanted

To get through it and see it work. I just need some "alone time" which will probably happen tomorrow for me.

Can't wait to get my vanitygen on too!

marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3584
Merit: 1764



View Profile
June 07, 2012, 11:55:26 PM
 #10

From my reading about the issues with ECC now, I'd expect this problem to go away soon - as soon as RedHat legal gets off their asses and say something about it
The patent is already shown to not be valid in this case ... and even if for some stupid reason some typically zero intelligence judge did say the patent covers this, well it expires this year anyway from what I've read.

Ok, sounds promising. This tiny little EC copyright issue has been a PITA getting bitcoin projects built cleanly on RH platforms ... way out of proportion to the issue.

PS: nice work with the package, btw.

kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
June 07, 2012, 11:58:09 PM
 #11

Updated my sig Cheesy Cheesy (with vanitygen)

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
Tuxavant
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000

Bitcoin Mayor of Las Vegas


View Profile WWW
June 07, 2012, 11:59:54 PM
 #12

nice. some bitcoin waiting for that addy when I close the bitquestion bounty.  Shocked

kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
June 08, 2012, 12:15:11 AM
 #13

nice. some bitcoin waiting for that addy when I close the bitquestion bounty.  Shocked
I'll make myself a longer one some time in the future - 4 character ones are really quick (I've got 78 of them already)
5 character ones are of course 58 times slower Tongue

So yeah it's nice to be able to play with vanitygen.
One thing to note (that's mentioned but probably should be highlighted in the bitcoind docs) is when you
 bitcoind importprivkey 5blah
You need to wait for quite a while ... and if you "tail -f" the "debug.log" it's a major WTF is it doing? Smiley

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
wladston
Full Member
***
Offline Offline

Activity: 157
Merit: 100


Always remember to be awesome.


View Profile WWW
June 08, 2012, 05:21:46 AM
 #14

I'm trying to generate some 6~8 char longs for some months already ... it's really hard, but maybe I can get lucky ...

Love programming? Checkout my book at http://code.energy/book
rjk
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


1ngldh


View Profile
June 08, 2012, 05:31:28 AM
 #15

I'm trying to generate some 6~8 char longs for some months already ... it's really hard, but maybe I can get lucky ...
Months really? It shouldn't be taking that long.. Here, have a 9 char addy: 1FreenodeMrq7gKn91wR4meJKEbi9RNa8M
(since the 1 counts as a character)

That was found along with one other less desirable one - less desirable because of the case mixture like 1FreEnoDe - because it was lucky in case-insensitive mode. Even if you require case-sensitivity, I recommend you run it in non-case-sensitive mode because then you will get several options and might get lucky.

Also, oclvanitygen running on a 5870 or similar hardware is much better and faster.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
wladston
Full Member
***
Offline Offline

Activity: 157
Merit: 100


Always remember to be awesome.


View Profile WWW
June 08, 2012, 05:43:10 AM
 #16

I had no idea oclvanitygen was working. When I first used vanitygen, only the CPU mode worked. Will research, thanks for the info!

Love programming? Checkout my book at http://code.energy/book
daemonic
Newbie
*
Offline Offline

Activity: 49
Merit: 0


View Profile
June 14, 2012, 09:45:55 PM
 #17

has anyone managed to get this to work for Centos, it would appear that the security patches are all based on the fips version and if i edit to use the non fips source tarball, the patch hunks fail, so the rpm fails to build?
Tuxavant
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000

Bitcoin Mayor of Las Vegas


View Profile WWW
June 15, 2012, 02:54:39 PM
 #18

absolutely pounded this week... forced to sit in a cold noisy datacenter most of the week with no "me" time at my desk. Wife and kids leaving town this weekend... so... hopefully soon.

rjk
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250


1ngldh


View Profile
June 15, 2012, 02:56:18 PM
 #19

absolutely pounded this week... forced to sit in a cold noisy datacenter most of the week with no "me" time at my desk. Wife and kids leaving town this weekend... so... hopefully soon.
Sounds like heaven!

I've always wanted a rack to myself with a desk inside. Office is always too warm and I like the sound of fans. Grin

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
Tuxavant
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000

Bitcoin Mayor of Las Vegas


View Profile WWW
June 15, 2012, 02:56:39 PM
 #20

in related news... I needed a vanity address so I ended up running vanitygen on wine on all my linux boxen. worked perfectly.

kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
June 15, 2012, 03:23:18 PM
 #21

has anyone managed to get this to work for Centos, it would appear that the security patches are all based on the fips version and if i edit to use the non fips source tarball, the patch hunks fail, so the rpm fails to build?
... and you can't build it using openssl-1.0.0j-1.fc16.src.rpm ?

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
daemonic
Newbie
*
Offline Offline

Activity: 49
Merit: 0


View Profile
July 01, 2012, 02:09:28 AM
Last edit: July 01, 2012, 02:20:51 AM by daemonic
 #22

I managed to get it working on Centos now Smiley

Heres how;

1. Followed kano's instructions from https://bitcointalk.org/index.php?topic=85228.msg946289#msg946289
I didnt want to install the newly built rpm for my whole system (repo protections, etc), so i then modified the vanitygen build to use the BUILD directory;
2. Edit Makefile as follows;
Code:
Change
LIBS=-lpcre -lcrypto -lm -lpthread
CFLAGS=-ggdb -O3 -Wall
To
LIBS=-L/usr/src/redhat/BUILD/openssl-1.0.0j -lpcre -lcrypto -lm -lpthread
CFLAGS=-ggdb -O3 -Wall -I/usr/src/redhat/BUILD/openssl-1.0.0j/include
3. Build the vanitygen/oclvanitygen
Code:
make vanitygen && make oclvanitygen
As per the openssl build, I dont want to install it fully, so..
4. Copied to my homedir and chown'd to my user as my user owns the DISPLAY:0 session.
5. Ran the oclvanitygen with BUILD lib dir environment variable set (so as to load the right libcrypto.so)
Code:
env LD_LIBRARY_PATH="/usr/src/redhat/BUILD/openssl-1.0.0j" ./oclvanitygen 1SomeName
which gave me a list of device numbers
Code:
Available OpenCL platforms:
0: [Advanced Micro Devices, Inc.] AMD Accelerated Parallel Processing
  0: [Advanced Micro Devices, Inc.] Cayman
  1: [GenuineIntel]               Intel(R) Pentium(R) D CPU 3.20GHz
6. Re-ran oclvanitygen with the OCL device number (-d <number>)
Code:
env LD_LIBRARY_PATH="/usr/src/redhat/BUILD/openssl-1.0.0j" ./oclvanitygen -d 0 1SomeName
7. Watch as you realise that to find an 8 digit vanity address could take a long time on a single 6970.

Hope this helps anyone else Smiley
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3584
Merit: 1764



View Profile
July 02, 2012, 06:52:53 AM
 #23

Someone else building OpenSSL rpms with ECDSA support here (64bit only thought it seems) ...

https://people.xiph.org/~greg/openssl/

kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
July 29, 2012, 04:54:04 AM
 #24

Got a new Motherboard last week so I installed FC17
(FC16 and earlier seems impossible to get working with an AM3+ GB-970A-D3)
FC17 is 1.0.0j-2 so I made a 1.0.0j-3
All compiled, built and installed without errors.

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
NilamDoc
Member
**
Offline Offline

Activity: 76
Merit: 10


Bitcoin


View Profile
March 12, 2013, 02:52:49 AM
 #25

I was able to compile vanitygen using this method:

cd /tmp
wget http://www.openssl.org/source/openssl-1.0.0j.tar.gz
unzip openssl-1.0.0j.tar.gz
tar -xvf openssl-1.0.0j.tar.gz

cd openssl-1.0.0.j
nano Makefile
#[Change the options]
OPTIONS= no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-shared  no-store no-zlib no-zlib-dynamic  static-engine enable-cms enable-md2 no-idea enable-ec enable-ecdh enable-ecdsa
 
 make
 make install
 
 cd /vanitygen
 nano Makefiile
#LIBS=-lpcre -lcrypto -lm -lpthread
#CFLAGS=-ggdb -O3 -Wall
LIBS=-L/tmp/openssl-1.0.0j -lpcre -lcrypto -lm -lpthread
CFLAGS=-ggdb -O3 -Wall -I/tmp/openssl-1.0.0j/include
OBJS=vanitygen.o  pattern.o util.o
PROGS=vanitygen

PLATFORM=$(shell uname -s)
ifeq ($(PLATFORM),Darwin)
OPENCL_LIBS=-framework OpenCL
else
OPENCL_LIBS=-lOpenCL
endif



all: $(PROGS)

vanitygen: vanitygen.o pattern.o util.o
        $(CC) $^ -o $@ $(CFLAGS) $(LIBS)

clean:
        rm -f $(OBJS) $(PROGS) $(TESTS)



make

Development Only
meltingrobot
Member
**
Offline Offline

Activity: 63
Merit: 10



View Profile WWW
May 13, 2013, 06:15:16 PM
 #26

I've been playing around more with building an openssl-ec RPM and RPMS for the alternate coins against it.  I'm making some progress, but I need to find a place to host a repository when I'm finished.

BTC: 1CTsBk6hfMMUQNweY5ytyesuPnTu8tBF3d
LTC: LQR3WUYVT4y5XxdmJJ5ttjwi6WwST1dkzN
neonzeon
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile
June 24, 2013, 10:31:30 PM
 #27

I followed Kano's instructions using a newly instantiated CentOS 6.4 server on the Amazon Cloud service.

There is a problem in step 6 where where you copy and rename http://www.openssl.org/source/openssl-1.0.0j.tar.gz

The patches in /rpmbuild/SOURCES are out of sync, because they still correlate to the original source from http://vault.centos.org/6.4/os/Source/SPackages/openssl-1.0.0-27.el6.src.rpm

My journey is documented here http://bitcointalk.org/index.php?topic=239337.msg2568979#msg2568979


neonzeon
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile
July 01, 2013, 09:13:58 AM
Last edit: July 01, 2013, 09:52:55 AM by neonzeon
 #28

I finally got CentOS 6.4 to rebuiild openssl with elliptic curves enables, as required by Bitcoin.

The primary issue is that the CentOS source package contains tarball openssl-1.0.0-usa.tar.bz2

The correct replacement tarball package from openssl.org would be this one http://www.openssl.org/source/openssl-1.0.0.tar.gz

Secondly, a patch from openssl.org is also needed: http://cvs.openssl.org/patchset?cn=19998

After the above two downloads, the spec file is edited to enable EC, point to the new source, and update the release number.

Detailed instructions how to do the build are here: https://bitcointalk.org/index.php?topic=239337.msg2624466#msg2624466
kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
July 07, 2013, 01:31:06 AM
Last edit: July 07, 2013, 03:14:44 AM by kano
 #29

Well it was all OK up to 1.0.0k ... but then redhat changed the libraries around somewhere between 1.0.0k and 1.0.1e

Rather than sort that out and have to do more editing ...

... instead of building an RPM with a dynamic library, you can simply just build the full versions and link static:

get the latest official openssl
extract it
cd openssl-1.0.1e (or whatever version you grabbed)
./config
make
pwd <- remember this (*A)

Next get bitcoin whatever version
extract it
cd bitcoin-0.8.3-linux/src/src (or whatever version you grabbed)
cp makefile.unix makefile
vim makefile
add at the top:

DSSL = /home/whatever/openssl-1.0.1e <- this is (*A)
ISSL = $(DSSL)/include
OPENSSL_LIB_PATH = $(DSSL)
OPENSSL_INCLUDE_PATH = $(ISSL)

save it then:
make

(there is of course a bunch of other stuff required to compile bitcoind, but the point of this post is how to simply get around the EC restrictions)

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
MasterJAzz483
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
July 05, 2015, 03:55:35 AM
Last edit: July 05, 2015, 05:09:34 AM by MasterJAzz483
 #30

Im building version k on Fedora21. It builds ok but doesnt change the links or update anything in /lib like its supposed to when you do a "sudo make install". I had to pull k from fedora22 area. Version j, supplied for fedora21 just wont build. All sources of course coming from openssl.org. Only the RPM BUILD area has the proper links to change for /lib but Im getting a build error on EC, even though Ive changed the spec file as youve said to ENABLE it.

I moved the openssl version k source tarball to override the "hobbled" sources.There is no "USA" file. Im still getting an error when Im using the full sources.

Fedora is making this an ongoing nightmare. Debian distros ignore this fact completely and ship NON-free openssl by default, so this issue does not apply to them(but maybe it SHOULD?).

ERROR(using makefile modification, same as without it):

EXCEPTION: 9 key_error       
CKey::CKey() : EC_KEY_new_by_curve_name failed       
bitcoin in Runaway exception
kano
Legendary
*
Offline Offline

Activity: 3514
Merit: 1378


Linux since 1997 RedHat 4


View Profile
July 05, 2015, 05:36:18 AM
 #31

I've given up trying to get around the fedora changes - I also found that the binary in the bitcoin master linux build works on my current Fedora 20
(but I'm dropping using fedora soon anyway and going with another linux distro - too many version updates for no reason and no LTS style version between all the updates, and I'm sick of fedora forcing you to do stuff because they want the average "I don't know linux" user to only do what they want them to do)

Pool: https://kano.is - lowest fee PPLNS 3 Days - Most reliable Solo with ONLY 0.5% fee   Bitcointalk thread: Forum
Discord support invite at https://kano.is/ Majority developer of the ckpool code - k for kano
Help keep Bitcoin secure by mining on pools with full block verification on all blocks - and NO empty blocks!
Pages: 1 2 [All]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!