[stunnel-users] Compiling error when OPENSSL_NO_DH is defined and openssl version is < 1.1.0

Brian Lin-林韋呂 Brian.Lin at mitrastar.com.tw
Fri May 27 09:46:14 CEST 2016

Hi All,

Just report an issue on v5.32. 

If OPENSSL_NO_DH is defined and openssl version is < 1.1.0, DH_set0_pqg() is not defined in src/common.h.
But it will be compiled in src/ssl.c, due to no compile flag checking for OPENSSL_NO_DH.

Here is the diff: 

+#ifndef OPENSSL_NO_DH
/* this is needed for dhparam.c generated with OpenSSL >= 1.1.0
 * to be linked against the older versions */ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) {
    if(!p || !g) /* q is optional */
        return 0;
    dh->p = p;
    dh->q = q;
    dh->g = g;
        dh->length = BN_num_bits(q);
    return 1;


This email and any files transmitted with it may contain information of MitraStar Technology Corporation that are privileged / confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the named addressee you should not disseminate, disclose, distribute, copy, or use this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.

More information about the stunnel-users mailing list