[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8809) tls_o failure when linking to OpenSSL 1.0.2 with "no-deprecated" compile flag

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8809) tls_o failure when linking to OpenSSL 1.0.2 with "no-deprecated" compile flag
From: quanah@symas.com
Date: Fri, 23 Feb 2018 17:48:49 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

--On Friday, February 23, 2018 5:07 PM +0000 Howard Chu <hyc@symas.com> 
wrote:

> quanah@openldap.org wrote:
>> Full_Name: Quanah Gibson-Mount
>> Version: HEAD
>> OS: N/A
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (47.208.148.239)
>>
>>
>> When attempting to link OpenLDAP to OpenSSL 1.0.2 series, where OpenSSL
>> has been built with deprecated API's disabled, the build will fail.
>> This is because RSA_F4 is deprecated in 1.0.2.  In master, this is
>> around line 1367:
>>
>> # if OPENSSL_VERSION_NUMBER < 0x10100000
>> static RSA *
>> tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )
>
>> This function needs to check < 1.0.2 rather than < 1.1
>
> That would only be true if the RSA callback is not needed at all in
> 1.0.2. Is that true?

Not sure.  Exact error is in RE24 is:

tls_o.c:1184:25: error: 'RSA_F4' undeclared (first use in this function)
   if ( BN_set_word( bn, RSA_F4 )) {


so it dies before we get to the RSA_generate_key_ex function itself.

--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

Prev by Date: Re: (ITS#8809) tls_o failure when linking to OpenSSL 1.0.2 with "no-deprecated" compile flag
Next by Date: (ITS#8810) speeling-error
Index(es):
- Chronological
- Thread