Thanks Nipun. A patch is going to be a much better option for me given the difficulty of dealing with building RPMs and mock environments etc.
I understand part 2 of your suggestions but I'm unsure how to find out what my "abl version is" if I run openssl version I get the following output: "OpenSSL 1.0.0-fips 29 Mar 2010"
Should I be replacing all instances of '0x1000004fL' with '1.0.0-fips' in certificate_db.cc?
Sorry - I"m pretty new to this.
Thanks
On 10/08/2012, at 7:30 PM, nipun_mlist Assam <nipunmlist_at_gmail.com> wrote:
>>> certificate_db.cc: In member function 'bool
>>> Ssl::CertificateDb::deleteInvalidCertificate()':
>>> certificate_db.cc:441: error: cannot convert 'stack_st_OPENSSL_PSTRING*'
>>> to 'const _STACK*' for argument '1' to 'int sk_num(const _STACK*)'
>>> certificate_db.cc:442: error: cannot convert 'stack_st_OPENSSL_PSTRING*'
>>> to 'const _STACK*' for argument '1' to 'void* sk_value(const _STACK*, int)
>>>
>>> I don't quite understand what Michael did to work-around it. I would just
>>> like to know if this can be worked around given my environment and if so,
>>> how exactly?
>>
>>
>> He installed a different verioon of OpenSSL and used the --with-openssl=
>> configure option to tell Squid exactly which library to build against.
>>
>> The early 1.0.0 had symbol issues and all signs are pointing at those -fips
>> libraries being patched with ABI breaking stuff.
>>
>
> One more way to fix this is, .....
> replace all "#if OPENSSL_VERSION_NUMBER >= 0x1000004fL"
> with
> #if OPENSSL_VERSION_NUMBER >= your-openssl-abi-version"
>
> and replace all
> "const char **row = (const char **)sk_OPENSSL_PSTRING_value(..."
> with
> "const char **row = (const char **)sk_value((const _STACK *)(..."
>
> --
> Regards,
> Nipun
Received on Fri Aug 10 2012 - 10:15:09 MDT
This archive was generated by hypermail 2.2.0 : Fri Aug 10 2012 - 12:00:02 MDT