Re: [Openvpn-devel] [RFC PATCH v1 01/15] OpenSSL: don't use direct access to the internal of SSL_CTX

Thu, 23 Feb 2017 00:07:10 -0800 

Good morning,

On Fri, Feb 17, 2017 at 11:00:40PM +0100, [email protected] wrote:
> From: Emmanuel Deloget <[email protected]>
> 
> OpenSSL 1.1 does not allow us to directly access the internal of
> any data type, including SSL_CTX. We have to use the defined functions
> to do so.
> 
> Compatibility with OpenSSL 1.0 is kept by defining the corresponding
> functions when they are not found in the library.
> 
> Signed-off-by: Emmanuel Deloget <[email protected]>
> ---
>  configure.ac                 |  9 ++++++
>  src/openvpn/openssl_compat.h | 74 
> ++++++++++++++++++++++++++++++++++++++++++++

This patch brings two problems outside the "OpenSSL functionality" 
part.

 - openssl_compat.h is not included in the built tarballs, so mingw builds
   fail (and "builds for anyone building from tarballs" would break) ->
   findable by running "make distcheck"

 - configure.ac does something to CentOS 6 / RHEL 6 which makes configure
   explode:

...
checking for linux/if_tun.h... yes
checking tap-windows.h usability... no
checking tap-windows.h presence... no
checking for tap-windows.h... no
checking whether TUNSETPERSIST is declared... yes
checking for setcon in -lselinux... yes
checking for pam_start in -lpam... yes
checking for PKCS11_HELPER... no
./configure: line 21440: syntax error near unexpected token `fi'
./configure: line 21440: `fi'



The first one is easily fixed, but I do not know how to tackle the 
second one - no access to a CentOS6/RHEL6 box, and not enough autoconf
clue to see this right away.  Patch *looks* good...  most likely just a 
stray "\" where none should be, or so...

Please :-)

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             [email protected]
fax: +49-89-35655025                        [email protected]

Attachment: signature.asc
Description: PGP signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to