Search squid archive

Re: squid + sslbump compile errors

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



mån 2012-04-02 klockan 16:47 +0930 skrev Michael Hendrie:
> On 06/02/2012, at 10:08 AM, Henrik Nordström wrote:
> 
> > sön 2012-02-05 klockan 14:09 -0600 skrev James R. Leu:
> > 
> >> certificate_db.cc: In member function ‘void Ssl::CertificateDb::load()’:
> >> certificate_db.cc:455:1: error: ‘index_serial_hash_LHASH_HASH’ was not declared in this scope
> > 
> > Hm.. fails for me as well. Please try the attached patch.
> 
> Getting the same error as the original poster with 3.2.0.16.  Patch fixes part of the errors but not all.  Remaining is :
> 
> certificate_db.cc: In member function ‘bool Ssl::CertificateDb::deleteInvalidCertificate()’:
> certificate_db.cc:522: error: invalid conversion from ‘void*’ to ‘const _STACK*’
> certificate_db.cc:522: error:   initializing argument 1 of ‘void* sk_value(const _STACK*, int)’
> certificate_db.cc: In member function ‘bool Ssl::CertificateDb::deleteOldestCertificate()’:
> certificate_db.cc:553: error: invalid conversion from ‘void*’ to ‘const _STACK*’
> certificate_db.cc:553: error:   initializing argument 1 of ‘void* sk_value(const _STACK*, int)’
> certificate_db.cc: In member function ‘bool Ssl::CertificateDb::deleteByHostname(const std::string&)’:
> certificate_db.cc:570: error: invalid conversion from ‘void*’ to ‘const _STACK*’
> certificate_db.cc:570: error:   initializing argument 1 of ‘void* sk_value(const _STACK*, int)’
> 
> This is with Scientific Linux 6.1 (x86_64):
> OpenSSL 1.0.0-fips 29 Mar 2010
> gcc version 4.4.5 20110214 (Red Hat 4.4.5-6) (GCC) 

The problem is due to a RedHat patch to OpenSSL 1.0 where OpenSSL lies
about it's version. Not yet sure what is the best way to solve this but
I guess we need to make configure probe for these OpenSSL features
instead of relying on the advertised version if we want to support
--enable-ssl-crtd on these OS version.

It should be fixed in Fedora rawhide, but apparently can't be fixed for
released versions of Fedora or RHEL having the "hacked" openssl version.

Regards
Henrik



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux