mån 2012-04-02 klockan 16:47 +0930 skrev Michael Hendrie: > On 06/02/2012, at 10:08 AM, Henrik Nordström wrote: > > > sön 2012-02-05 klockan 14:09 -0600 skrev James R. Leu: > > > >> certificate_db.cc: In member function ‘void Ssl::CertificateDb::load()’: > >> certificate_db.cc:455:1: error: ‘index_serial_hash_LHASH_HASH’ was not declared in this scope > > > > Hm.. fails for me as well. Please try the attached patch. > > Getting the same error as the original poster with 3.2.0.16. Patch fixes part of the errors but not all. Remaining is : > > certificate_db.cc: In member function ‘bool Ssl::CertificateDb::deleteInvalidCertificate()’: > certificate_db.cc:522: error: invalid conversion from ‘void*’ to ‘const _STACK*’ > certificate_db.cc:522: error: initializing argument 1 of ‘void* sk_value(const _STACK*, int)’ > certificate_db.cc: In member function ‘bool Ssl::CertificateDb::deleteOldestCertificate()’: > certificate_db.cc:553: error: invalid conversion from ‘void*’ to ‘const _STACK*’ > certificate_db.cc:553: error: initializing argument 1 of ‘void* sk_value(const _STACK*, int)’ > certificate_db.cc: In member function ‘bool Ssl::CertificateDb::deleteByHostname(const std::string&)’: > certificate_db.cc:570: error: invalid conversion from ‘void*’ to ‘const _STACK*’ > certificate_db.cc:570: error: initializing argument 1 of ‘void* sk_value(const _STACK*, int)’ > > This is with Scientific Linux 6.1 (x86_64): > OpenSSL 1.0.0-fips 29 Mar 2010 > gcc version 4.4.5 20110214 (Red Hat 4.4.5-6) (GCC) The problem is due to a RedHat patch to OpenSSL 1.0 where OpenSSL lies about it's version. Not yet sure what is the best way to solve this but I guess we need to make configure probe for these OpenSSL features instead of relying on the advertised version if we want to support --enable-ssl-crtd on these OS version. It should be fixed in Fedora rawhide, but apparently can't be fixed for released versions of Fedora or RHEL having the "hacked" openssl version. Regards Henrik