[stunnel-users] Compiling error when OPENSSL_NO_DH is defined and openssl version is < 1.1.0

• Previous message (by thread): [stunnel-users] Potential performance degradation moving from Stunnel 5.06 to 5.32
• Next message (by thread): [stunnel-users] IPv4 and IPv6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi All,

Just report an issue on v5.32. 

If OPENSSL_NO_DH is defined and openssl version is < 1.1.0, DH_set0_pqg() is not defined in src/common.h.
But it will be compiled in src/ssl.c, due to no compile flag checking for OPENSSL_NO_DH.

Here is the diff: 

+#ifndef OPENSSL_NO_DH
#if OPENSSL_VERSION_NUMBER<0x10100000L
/* this is needed for dhparam.c generated with OpenSSL >= 1.1.0
 * to be linked against the older versions */ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
    if(!p || !g) /* q is optional */
        return 0;
    BN_free(dh->p);
    BN_free(dh->q);
    BN_free(dh->g);
    dh->p = p;
    dh->q = q;
    dh->g = g;
    if(q)
        dh->length = BN_num_bits(q);
    return 1;
}
#endif
+#endif


Cheers,
Brian

This email and any files transmitted with it may contain information of MitraStar Technology Corporation that are privileged / confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the named addressee you should not disseminate, disclose, distribute, copy, or use this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.

• Previous message (by thread): [stunnel-users] Potential performance degradation moving from Stunnel 5.06 to 5.32
• Next message (by thread): [stunnel-users] IPv4 and IPv6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]