[openssl-dev] [openssl.org #3924] Unable to compile OpenSSL 1.0.0s with no-tlsext option

Dinesh Yegireddi -X via RT rt at openssl.org
Wed Jun 24 10:21:32 UTC 2015 

Hi There,

I tried to compile OpenSSL 1.0.0s with no-tlsext option and got the following compilation error.

ssl_sess.c: In function 'ssl_session_dup':
ssl_sess.c:257: error: 'SSL_SESSION' has no member named 'tlsext_tick'
ssl_sess.c:324: error: 'SSL_SESSION' has no member named 'tlsext_tick'
ssl_sess.c:324: error: 'SSL_SESSION' has no member named 'tlsext_tick'
ssl_sess.c:324: error: 'SSL_SESSION' has no member named 'tlsext_ticklen'
ssl_sess.c:325: error: 'SSL_SESSION' has no member named 'tlsext_tick'
ssl_sess.c:328: error: 'SSL_SESSION' has no member named 'tlsext_tick_lifetime_hint'
ssl_sess.c:329: error: 'SSL_SESSION' has no member named 'tlsext_ticklen'
make[1]: *** [ssl_sess.o] Error 1
make[1]: Leaving directory `/root/openssl-1.0.0s/ssl'
make: *** [build_ssl] Error 1
[root at SSL-LINUX-SERVER-POD5 openssl-1.0.0s]#

Below were the steps followed for compilation.

[root at SSL-LINUX-SERVER-POD5 openssl-1.0.0s]# ./config no-tlsext

-----------------------------------------------------------------------------------------------
-----------------------------------------------------------------------------------------------
Since you've disabled or enabled at least one algorithm, you need to do
the following before building:

        make depend

Configured for linux-x86_64.
[root at SSL-LINUX-SERVER-POD5 openssl-1.0.0s]# make depend

-------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------
[root at SSL-LINUX-SERVER-POD5 openssl-1.0.0s]# make


I overcome it with below patch

[root at SSL-LINUX-SERVER-POD5 ~]# diff -crB openssl-1.0.0s/ssl/ssl_sess.c openssl-1.0.0s_changed/ssl/ssl_sess.c > openssl.patch
[root at SSL-LINUX-SERVER-POD5 ~]# cat openssl.patch
*** openssl-1.0.0s/ssl/ssl_sess.c       2015-06-11 07:10:15.000000000 -0700
--- openssl-1.0.0s_changed/ssl/ssl_sess.c       2015-06-24 02:39:53.000000000 -0700
***************
*** 253,260 ****
      dest->tlsext_ecpointformatlist = NULL;
      dest->tlsext_ellipticcurvelist = NULL;
  # endif
- #endif
      dest->tlsext_tick = NULL;
      memset(&dest->ex_data, 0, sizeof(dest->ex_data));

      /* We deliberately don't copy the prev and next pointers */
--- 253,260 ----
      dest->tlsext_ecpointformatlist = NULL;
      dest->tlsext_ellipticcurvelist = NULL;
  # endif
      dest->tlsext_tick = NULL;
+ #endif
      memset(&dest->ex_data, 0, sizeof(dest->ex_data));

      /* We deliberately don't copy the prev and next pointers */
***************
*** 318,324 ****
              goto err;
      }
  # endif
- #endif

      if (ticket != 0) {
          dest->tlsext_tick = BUF_memdup(src->tlsext_tick, src->tlsext_ticklen);
--- 318,323 ----
***************
*** 328,333 ****
--- 327,333 ----
          dest->tlsext_tick_lifetime_hint = 0;
          dest->tlsext_ticklen = 0;
      }
+ #endif

      return dest;
  err:
[root at SSL-LINUX-SERVER-POD5 ~]#

Could you please confirm, is it a known issue and can I continue with above patch?


Thanks & Regards,
Dinesh

-------------- next part --------------
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod

More information about the openssl-dev mailing list