Full_Name: Graham Leggett Version: git master OS: CentOS7 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2001:470:18b1:1:c920:9f6:b546:7826) The addition of 8e34ed8c on the 7th of November broke the build for openssl < 1.1, as the patch used the newer versions of these functions. The following patch adds the associated autoconf stuff to fix this: From e111db878300d60acdc295eec08e008a831f9895 Mon Sep 17 00:00:00 2001 From: Graham Leggett <minfrin@sharp.fm> Date: Sat, 23 Sep 2017 02:10:36 +0000 Subject: [PATCH] EVP_MD_CTX_create and EVP_MD_CTX_destroy have been replaced by EVP_MD_CTX_new and EVP_MD_CTX_free in openssl v1.1 and above. --- configure.in | 5 +++++ libraries/libldap/tls_o.c | 8 ++++++++ 2 files changed, 13 insertions(+) diff --git a/configure.in b/configure.in index 46e5e8c..b3da5f1 100644 --- a/configure.in +++ b/configure.in @@ -1223,6 +1223,11 @@ if test $ol_with_tls = openssl || test $ol_with_tls = auto ; then TLS_LIBS="-lssl -lcrypto" fi + save_LIBS="$LIBS" + LIBS="$LIBS $TLS_LIBS" + AC_CHECK_FUNCS(EVP_MD_CTX_create EVP_MD_CTX_destroy) + LIBS="$save_LIBS" + OL_SSL_COMPAT if test $ol_cv_ssl_crl_compat = yes ; then AC_DEFINE(HAVE_OPENSSL_CRL, 1, diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c index d3b6ceb..14dffbd 100644 --- a/libraries/libldap/tls_o.c +++ b/libraries/libldap/tls_o.c @@ -867,7 +867,11 @@ tlso_session_pinning( LDAP *ld, tls_session *sess, char *hashalg, struct berval goto done; } +#ifdef HAVE_EVP_MD_CTX_CREATE + mdctx = EVP_MD_CTX_create(); +#else mdctx = EVP_MD_CTX_new(); +#endif if ( !mdctx ) { rc = -1; goto done; @@ -877,7 +881,11 @@ tlso_session_pinning( LDAP *ld, tls_session *sess, char *hashalg, struct berval EVP_DigestUpdate( mdctx, key.bv_val, key.bv_len ); EVP_DigestFinal_ex( mdctx, (unsigned char *)keyhash.bv_val, &len ); keyhash.bv_len = len; +#ifdef HAVE_EVP_MD_CTX_DESTROY + EVP_MD_CTX_destroy( mdctx ); +#else EVP_MD_CTX_free( mdctx ); +#endif } else { keyhash = key; } -- 1.8.3.1
--On Thursday, November 16, 2017 4:47 PM +0000 minfrin@sharp.fm wrote: > Full_Name: Graham Leggett > Version: git master > OS: CentOS7 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (2001:470:18b1:1:c920:9f6:b546:7826) > > > The addition of 8e34ed8c on the 7th of November broke the build for > openssl < 1.1, as the patch used the newer versions of these functions. Thanks for the report! This issue has now been fixed in openldap head without the necessity of a configure check. Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>
changed notes changed state Open to Closed moved from Incoming to Software Bugs
changed state Closed to Test
Fixed in master (master only)
changed notes