Fixed the compilation issue. I guess it is safe to use the check "#if
OPENSSL_VERSION_NUMBER >= 0x10000003L" instead. This check is there
in many files. I modified only certificate_db.cc. If we know the exact
openssl version from where these lhash, safestack etc. headers got
modified, then this check can be made more appropriate.
diff -ur squid-3.2.0.19/src/ssl/certificate_db.cc
squid-3.2.0.19_sslcompilefix/src/ssl/certificate_db.cc
--- squid-3.2.0.19/src/ssl/certificate_db.cc 2012-08-02
05:14:34.000000000 -0700
+++ squid-3.2.0.19_sslcompilefix/src/ssl/certificate_db.cc
2012-08-09 05:25:19.362601312 -0700
@@ -450,7 +450,7 @@
corrupt = true;
// Create indexes in db.
-#if OPENSSL_VERSION_NUMBER >= 0x1000004fL
+#if OPENSSL_VERSION_NUMBER >= 0x10000003L
if (!corrupt && !TXT_DB_create_index(temp_db.get(), cnlSerial,
NULL, LHASH_HASH_FN(index_serial), LHASH_COMP_FN(index_serial)))
corrupt = true;
@@ -489,7 +489,7 @@
void Ssl::CertificateDb::deleteRow(const char **row, int rowIndex)
{
const std::string filename(cert_full + "/" + row[cnlSerial] + ".pem");
-#if OPENSSL_VERSION_NUMBER >= 0x1000004fL
+#if OPENSSL_VERSION_NUMBER >= 0x10000003L
sk_OPENSSL_PSTRING_delete(db.get()->data, rowIndex);
#else
sk_delete(db.get()->data, rowIndex);
@@ -497,7 +497,7 @@
const Columns db_indexes[]={cnlSerial, cnlName};
for (unsigned int i = 0; i < countof(db_indexes); ++i) {
-#if OPENSSL_VERSION_NUMBER >= 0x1000004fL
+#if OPENSSL_VERSION_NUMBER >= 0x10000003L
if (LHASH_OF(OPENSSL_STRING) *fieldIndex =
db.get()->index[db_indexes[i]])
lh_OPENSSL_STRING_delete(fieldIndex, (char **)row);
#else
@@ -518,9 +518,9 @@
return false;
bool removed_one = false;
-#if OPENSSL_VERSION_NUMBER >= 0x1000004fL
+#if OPENSSL_VERSION_NUMBER >= 0x10000003L
for (int i = 0; i < sk_OPENSSL_PSTRING_num(db.get()->data); ++i) {
- const char ** current_row = ((const char
**)sk_OPENSSL_PSTRING_value(db.get()->data, i));
+ const char ** current_row = ((const char **)sk_value((const
_STACK *)(db.get()->data), i));
#else
for (int i = 0; i < sk_num(db.get()->data); ++i) {
const char ** current_row = ((const char
**)sk_value(db.get()->data, i));
@@ -543,15 +543,15 @@
if (!db)
return false;
-#if OPENSSL_VERSION_NUMBER >= 0x1000004fL
+#if OPENSSL_VERSION_NUMBER >= 0x10000003L
if (sk_OPENSSL_PSTRING_num(db.get()->data) == 0)
#else
if (sk_num(db.get()->data) == 0)
#endif
return false;
-#if OPENSSL_VERSION_NUMBER >= 0x1000004fL
- const char **row = (const char
**)sk_OPENSSL_PSTRING_value(db.get()->data, 0);
+#if OPENSSL_VERSION_NUMBER >= 0x10000003L
+ const char **row = (const char **)sk_value((const _STACK
*)(db.get()->data), 0);
#else
const char **row = (const char **)sk_value(db.get()->data, 0);
#endif
@@ -566,9 +566,9 @@
if (!db)
return false;
-#if OPENSSL_VERSION_NUMBER >= 0x1000004fL
+#if OPENSSL_VERSION_NUMBER >= 0x10000003L
for (int i = 0; i < sk_OPENSSL_PSTRING_num(db.get()->data); ++i) {
- const char ** current_row = ((const char
**)sk_OPENSSL_PSTRING_value(db.get()->data, i));
+ const char ** current_row = ((const char **)sk_value((const
_STACK *)(db.get()->data), i));
#else
for (int i = 0; i < sk_num(db.get()->data); ++i) {
const char ** current_row = ((const char
**)sk_value(db.get()->data, i));
Regards,
Nipun Talukdar
Bangalore
India
On Thu, Aug 9, 2012 at 4:39 PM, nipun_mlist Assam <nipunmlist@xxxxxxxxx> wrote:
> Hi Amos,
>
> OPENSSL_VERSION_NUMBER is 0x10000003L
>
> I replaced (in certificate_db.cc)
> #if OPENSSL_VERSION_NUMBER >= 0x1000004fL
> with
> #if OPENSSL_VERSION_NUMBER >= 0x10000003L
> .
>
> Now I get the below problem: (compiler used is g++ (GCC) 4.4.4
> 20100726 (Red Hat 4.4.4-13) )
> certificate_db.cc: In member function ‘bool
> Ssl::CertificateDb::deleteInvalidCertificate()’:
> certificate_db.cc:523: error: invalid conversion from ‘void*’ to ‘const _STACK*’
> certificate_db.cc:523: error: initializing argument 1 of ‘void*
> sk_value(const _STACK*, int)’
> certificate_db.cc: In member function ‘bool
> Ssl::CertificateDb::deleteOldestCertificate()’:
> certificate_db.cc:554: error: invalid conversion from ‘void*’ to ‘const _STACK*’
> certificate_db.cc:554: error: initializing argument 1 of ‘void*
> sk_value(const _STACK*, int)’
> certificate_db.cc: In member function ‘bool
> Ssl::CertificateDb::deleteByHostname(const std::string&)’:
> certificate_db.cc:571: error: invalid conversion from ‘void*’ to ‘const _STACK*’
> certificate_db.cc:571: error: initializing argument 1 of ‘void*
> sk_value(const _STACK*, int)’
>
>
>
>
>
> On Thu, Aug 9, 2012 at 4:22 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
>> On 09.08.2012 20:04, nipun_mlist Assam wrote:
>>>
>>> Hi All,
>>>
>>> I am facing compilation problem with squid 3.2.0.19. This fails
>>> because of some changes in openssl header lhash.h (generally installs
>>> in /usr/icnlude/openssl/lhash.h).
>>> I used openssl 1.0.0 (OpenSSL 1.0.0-fips) for building squid.
>>> The lhash.h header has slightly different macros in openssl 1.0.0 and
>>> openssl 0.9.8. That is failing the build. I believe if we fix these
>>> macro calls, squid should compile without any problem. Most probably
>>> there won't be any issue with any other openssl APIs used by squid and
>>> squid hopefully works just fine with openssl 1.0.0 as well.
>>>
>>> My question here is, if anybody fixed the problem already and if squid
>>> works works with openssl 1.0.0 also.
>>
>>
>>
>> Could you please search your openssl .h files for the *exact* ABI version
>> number and report back please.
>> It should look like "#define OPENSSL_VERSION_NUMBER ..."
>>
>> Amos
>
>
>
> --
> Regards,
> Nipun
--
Regards,
Nipun
