On Monday 10 November 2014 13:12:08 Velemas Vosak wrote: > Hello, > > I'm trying to build wget 1.16 with OpenSSL 1.0.0o but I got undefined > symbols: > > TLSv1_1_client_method > TLSv1_2_client_method > > The culprit is in src/openssl.c in incorrect version number: > > #if OPENSSL_VERSION_NUMBER >= 0x*01*001000 > case secure_protocol_tlsv1_1: > meth = TLSv1_1_client_method (); > break; > case secure_protocol_tlsv1_2: > meth = TLSv1_2_client_method (); > break; > #endif > > OpenSSL 1.0.1o > #define OPENSSL_VERSION_NUMBER 0x*10*0000ffL > > OpenSSL 1.0.1j > #define OPENSSL_VERSION_NUMBER 0x*10*0010afL > > According to the OpenSSL changelog TLSv1.1+ is added only starting 1.0.1.
Thanks for the report. Please test the attached patch and tell if this is working for you. Tim
From fed580b73acde119372183f85486fb7ce97521e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim Rühsen?= <[email protected]> Date: Mon, 10 Nov 2014 15:34:46 +0100 Subject: [PATCH] Fix OpenSSL compile-time check for TLSv1.1 and TLSv1.2 Reported-by: Velemas Vosak <[email protected]> --- src/ChangeLog | 6 ++++++ src/openssl.c | 9 ++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/src/ChangeLog b/src/ChangeLog index 1e68d91..ab99451 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,9 @@ +2014-11-10 Tim Ruehsen <[email protected]> + + * openssl.c: Fix compile-time check for TLSv1.1 and TLSv1.2 + + Reported-by: Velemas Vosak <[email protected]> + 2014-11-06 Tim Ruehsen <[email protected]> * init.c, main.c, options.h: added new option --crl-file diff --git a/src/openssl.c b/src/openssl.c index edffe41..6685ee7 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -220,13 +220,20 @@ ssl_init (void) case secure_protocol_tlsv1: meth = TLSv1_client_method (); break; -#if OPENSSL_VERSION_NUMBER >= 0x01001000 +#if OPENSSL_VERSION_NUMBER >= 0x10001000 case secure_protocol_tlsv1_1: meth = TLSv1_1_client_method (); break; case secure_protocol_tlsv1_2: meth = TLSv1_2_client_method (); break; +#else + case secure_protocol_tlsv1_1: + logprintf (LOG_NOTQUIET, _("Your OpenSSL version is too old to support TLSv1.1\n")); + goto error; + case secure_protocol_tlsv1_2: + logprintf (LOG_NOTQUIET, _("Your OpenSSL version is too old to support TLSv1.2\n")); + goto error; #endif default: abort (); -- 2.1.3
signature.asc
Description: This is a digitally signed message part.
