Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: exim: dev
CentOS 5's old openssl and TLS support
 

Index | Next | Previous | View Flat


tlyons at ivenue

May 20, 2012, 8:02 AM


Views: 1330
Permalink
CentOS 5's old openssl and TLS support

The addition of a new TLS capability (SNI) seems to have left CentOS 5.x
out in the cold. C5x comes with (by now a heavily patched) openssl 0.9.8e,
which does not support SNI. Quoting from
http://stackoverflow.com/questions/7340784/easy-install-pyopenssl-error :

"Support for SNI was introduced in OpenSSL 0.9.8f. Thus, pyOpenSSL 0.13
will build with OpenSSL 0.9.8f or later, but not OpenSSL 0.9.8e or earlier,
where the APIs it expects to be wrapping do not exist."

The compile fails as per the following. Ignore the ugly includes of srs
and srs/src, I do some trickery in my spec file and build these libs into
modules and package it all together.

gcc -c -O -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -I/usr/include
-I/usr/include -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -DSPF -DSRS
-fpie -DSPF -I../src -I../../src -I../src/srs/src -I../../src/srs/src
-I../../src/srs -std=gnu99 -I. -I/usr/kerberos/include tls.c
In file included from tls.c:97:
tls-openssl.c: In function 'tls_servername_cb':
tls-openssl.c:546: warning: implicit declaration of function
'SSL_get_servername'
tls-openssl.c:546: error: 'TLSEXT_NAMETYPE_host_name' undeclared (first use
in this function)
tls-openssl.c:546: error: (Each undeclared identifier is reported only once
tls-openssl.c:546: error: for each function it appears in.)
tls-openssl.c:546: warning: initialization makes pointer from integer
without a cast
tls-openssl.c:552: error: 'SSL_TLSEXT_ERR_OK' undeclared (first use in this
function)
tls-openssl.c:574: error: 'SSL_TLSEXT_ERR_NOACK' undeclared (first use in
this function)
tls-openssl.c:584: warning: implicit declaration of function
'SSL_CTX_set_tlsext_servername_callback'
tls-openssl.c:585: warning: implicit declaration of function
'SSL_CTX_set_tlsext_servername_arg'
tls-openssl.c:605: warning: implicit declaration of function
'SSL_set_SSL_CTX'
tls-openssl.c: In function 'tls_client_start':
tls-openssl.c:1244: warning: implicit declaration of function
'SSL_set_tlsext_host_name'
make[1]: *** [tls.o] Error 1
make[1]: Leaving directory
`/home/tlyons/RPM/BUILD/exim-4.80_RC2/build-Linux-x86_64'
make: *** [all] Error 2

Do we need to add some detection of openssl version or is this also going
to be a backwards incompatible change?

...Todd
--
Always code as if the guy who ends up maintaining your code will be a
violent psychopath who knows where you live. -- Martin Golding
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

Subject User Time
CentOS 5's old openssl and TLS support tlyons at ivenue May 20, 2012, 8:02 AM
    Re: CentOS 5's old openssl and TLS support pdp at exim May 20, 2012, 4:32 PM
        Re: CentOS 5's old openssl and TLS support tlyons at ivenue May 21, 2012, 7:40 AM
    Re: CentOS 5's old openssl and TLS support pdp at exim May 21, 2012, 6:57 PM
        Re: CentOS 5's old openssl and TLS support A.C.Aitchison at dpmms May 22, 2012, 4:00 AM
        Re: CentOS 5's old openssl and TLS support tlyons at ivenue May 22, 2012, 7:27 AM
        Re: CentOS 5's old openssl and TLS support tlyons at ivenue Feb 2, 2013, 8:43 PM
    Re: CentOS 5's old openssl and TLS support pdp at exim Feb 2, 2013, 9:13 PM
        Re: CentOS 5's old openssl and TLS support tlyons at ivenue Feb 2, 2013, 9:31 PM

  Index | Next | Previous | View Flat
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.