On 26/06/16 19:24, Carl Byington wrote: > I am trying to modify the sendmail 8.16 snapshot to use openssl 1.1, but > ran into a few issues. > > > SSL_CTX_set_tmp_rsa_callback() was used to setup a temporary rsa key. It > seems we never need to generate temp rsa keys since all the ephemeral > rsa exchanges were removed. Is that correct? > Yes - these were export grade ciphersuites so they were removed and so were the associated functions. We should probably add some no-op compat macros for these. > > x509_vfy.h has: > > # define X509_STORE_set_verify_cb_func(ctx,func) > ((ctx)->verify_cb=(func)) > > which causes a compile error since the X509_STORE structure is opaque. > Is there a workaround for this? This was fixed some while ago in commit 7cafbb4bd and is available in the latest master. Matt
