[openssl-dev] [openssl.org #4398] BUG / 1.0.2g breaks CURL extension

[Viktor Dukhovni]

On Tue, Mar 08, 2016 at 04:09:29PM +0000, Thomas Brunnthaler via RT wrote:

> I am unable to recompile PHP 5.2.17 VC6 TS x86  and because of my old
> webserver (where source is not available) i cannot upgrade to any newer
> version with VC9+  Is the software change in OpenSSL so dramatic, that
> newer releases are totally incompatible with "old" software ?

No, but 1.0.2g in default builds omits three previously defined functions,

	SSLv2_method(),
	SSLv2_client_method(),
	SSLv2_server_method().

on platforms where symbol (function name) resolution is not "lazy"
(delayed to first use), programs that can but don't in practice
use SSLv2 may not start when the library no longer provides these
functions.

> > > Is this fixed by:
> > > https://github.com/openssl/openssl/commit/133138569f37d149ed1d7641fe8c75a93fded445

The commit above restores the symbols.  If you could build that
version (checkout from git, or apply the patch) and confirm whether
the issue is resolved, that would be great.

-- 
	Viktor.

commit 133138569f37d149ed1d7641fe8c75a93fded445
Author: Viktor Dukhovni <viktor at twosigma.com>
Date:   Mon Mar 7 21:10:38 2016 +0000

    Retain SSLv2 methods as functions that return NULL
    
    This improves ABI compatibility when symbol resolution is not lazy.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

diff --git a/ssl/s2_meth.c b/ssl/s2_meth.c
index b312f17..d46e2f5 100644
--- a/ssl/s2_meth.c
+++ b/ssl/s2_meth.c
@@ -74,8 +74,8 @@ IMPLEMENT_ssl2_meth_func(SSLv2_method,
                          ssl2_accept, ssl2_connect, ssl2_get_method)
 #else                           /* !OPENSSL_NO_SSL2 */
 
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
+SSL_METHOD *SSLv2_method(void) { return NULL; }
+SSL_METHOD *SSLv2_client_method(void) { return NULL; }
+SSL_METHOD *SSLv2_server_method(void) { return NULL; }
 
 #endif