Hi guys, On Wed, Jul 12, 2017 at 03:36:24PM +0200, Emeric Brun wrote: > Same worries, the openssl 0.9.8 is still maintained in redhat 5 so we should > be able to compile with this version.
OK so I checked and this patch is OK with 0.9.8zh, 1.0.0t, 1.0.1u and 1.0.2k, so I merged it. However Manu, the following patch broke 0.9.8 and 1.0.0 : commit 0594211987351eaf521577b798a3a461b043710c Author: Emmanuel Hocdet <[email protected]> Date: Mon Feb 20 16:11:50 2017 +0100 MEDIUM: boringssl: support native multi-cert selection without bundling This patch used boringssl's callback to analyse CLientHello before any handshake to extract key signature capabilities. Certificat with better signature (ECDSA before RSA) is choosed transparenty, if client can support it. RSA and ECDSA certificates can be declare in a row (without order). This makes it possible to set different ssl and filter parameter with crt-list. src/ssl_sock.c: In function 'ssl_sock_load_cert_chain_file': src/ssl_sock.c:3038:20: error: 'TLSEXT_signature_anonymous' undeclared (first use in this function) src/ssl_sock.c:3038:20: note: each undeclared identifier is reported only once for each function it appears in src/ssl_sock.c:3063:14: error: 'TLSEXT_signature_rsa' undeclared (first use in this function) src/ssl_sock.c:3066:14: error: 'TLSEXT_signature_ecdsa' undeclared (first use in this function) /g/public/linux/master/x86_64-gcc47_glibc218-linux-gnu-gcc -Iinclude -Iebtree -Wall -pg -O0 -g -fno-strict-aliasing -Wdeclaration-after-statemen I think this is minor considering that you added an argument, probably you can simply "#ifndef x /#define x 0" on it. Could you please have a look ? Thanks, Willy
