[ldns-users] ldns and openssl-1.1.x

A. Schulze sca at andreasschulze.de
Thu Oct 13 19:34:27 UTC 2016


I try to compile ldns-1.6.17 with openssl-1.1.0b and I fail :-/
Here's what I found so far.

1. I need to use pkg-config because my versions of libssl/libcrypto are named libssl-foo/libcrypto-foo
2. HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL versions 1.1.0
   ( see https://www.openssl.org/docs/manmaster/crypto/HMAC.html#HISTORY )

I created the attached patch to address these points in ./configure.
After that compilation still fail:

./dane.c: In function 'ldns_dane_pkix_get_last_self_signed':
./dane.c:330:14: error: dereferencing pointer to incomplete type
  if (vrfy_ctx->error == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN ||
./dane.c:331:14: error: dereferencing pointer to incomplete type
      vrfy_ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT){
any ideas?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssl-1.1.x.patch
Type: text/x-diff
Size: 1783 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/ldns-users/attachments/20161013/ad4c49e0/attachment.bin>

More information about the ldns-users mailing list