Alternative for structure opaque X509 & X509_STORE_CTX

Shivakumar Poojari Shivakumar.Poojari at rbbn.com
Tue Oct 5 04:24:15 UTC 2021


Hi Matt,
Seen this comment in GitHub

OpenSSL 1.1.0 made many structures opaque. You cannot directly access the fields inside the X509 structure any more. Instead you must use accessor functions. In this case, as @slontis<https://github.com/slontis> says, you must use the function X509_get0_signature()
https://github.com/openssl/openssl/issues/12447#issuecomment-660958868

:error: invalid use of incomplete type 'X509' {aka 'struct x509_st'}
     if (x->ocsp && x->ocsp->ocsp_url)

:error: invalid use of incomplete type 'X509' {aka 'struct x509_st'}
         if(cert->sig_alg)

:types.h:157:16: note: forward declaration of 'X509' {aka 'struct x509_st'}
 typedef struct x509_st X509;

error: invalid use of incomplete type 'X509' {aka 'struct x509_st'}
             sigAlg = OBJ_obj2nid((cert)->sig_alg->algorithm);

 error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
     x = ctx->cert;
            ^~
types.h:165:16: note: forward declaration of 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
 typedef struct x509_store_ctx_st X509_STORE_CTX;
                ^~~~~~~~~~~~~~~~~

error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
     ctx->current_cert = x;
        ^~

error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
     ctx->current_issuer = NULL;
        ^~

error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
     ctx->current_crl_score = 0;
        ^~

types.h:165:16: note: forward declaration of 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
 typedef struct x509_store_ctx_st X509_STORE_CTX;
                ^~~~~~~~~~~~~~~~~

types.h:165:16: note: forward declaration of 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
 typedef struct x509_store_ctx_st X509_STORE_CTX;
                ^~~~~~~~~~~~~~~~~
/sonus/p4/ws/spoojari/openssl3/marlin/SIPCM/sipCmOpenSSL.c:3268:8: error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
     ctx->current_reasons = 0;
        ^~

error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
     ctx->error = 0;
        ^~
error: invalid use of incomplete type 'X509' {aka 'struct x509_st'}
             if (px->ocsp && (px->ocsp->ocsp_validate == X509_OCSP_VALIDATE_DISABLED))
                   ^~

error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
         if (!ctx->ctx->ocsp_process_responder)
                 ^~

error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
     store = ctx->ctx;
                ^~

error: invalid use of incomplete type 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'}
         ok = ctx->verify_cb(0, ctx);
                 ^~
Getting above error in the code, Please provide the document that which function i can use to resolve this errors.

Thanks,
Shiva kumar

Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20211005/221c6941/attachment-0001.html>


More information about the openssl-users mailing list