Full_Name: Mitchell Blank Version: 2.4.43 OS: linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (80.169.198.86)
Recently a couple alpha releases for OpenSSL 1.1.X have been posted on www.openssl.org with the request that software be tested against them prior to release.
I tried compiling the most recent OpenLDAP against it, but it failed. One of the overarching changes that OpenSSL is making is that many of its datatypes are now only visible as opaque pointers (in other words, their layout and size are considered private to OpenSSL itself)
This caused the following compile errors in tls_o.c:
openldap-2.4.43/libraries/libldap/tls_o.c: In function tlso_ctx_ref: openldap-2.4.43/libraries/libldap/tls_o.c:199:20: error: dereferencing pointer
to incomplete type
CRYPTO_add( &c->references, 1, CRYPTO_LOCK_SSL_CTX ); ^ openldap-2.4.43/libraries/libldap/tls_o.c: In function tlso_session_my_dn: openldap-2.4.43/libraries/libldap/tls_o.c:451:21: error: dereferencing pointer
to incomplete type der_dn->bv_val = xn->bytes->data;
^openldap-2.4.43/libraries/libldap/tls_o.c: In function
tlso_session_peer_dn:
openldap-2.4.43/libraries/libldap/tls_o.c:478:21: error: dereferencing pointer
to incomplete type der_dn->bv_val = xn->bytes->data;
^openldap-2.4.43/libraries/libldap/tls_o.c: In function
tlso_session_chkhost:
openldap-2.4.43/libraries/libldap/tls_o.c:618:21: error: dereferencing pointer
to incomplete type
if ( !OBJ_cmp( ne->object, obj )) { ^
The last one can probably be replaced with a X509_NAME_ENTRY_get_object() call. I don't know enough about the X509_NAME API to know how to fix the ->bytes->data ones.
For what it's worth, there were also a couple deprecated warnings:
openldap-2.4.43/libraries/libldap/tls_o.c:179:2: warning: ERR_remove_state
is deprecated
openldap-2.4.43/libraries/libldap/tls_o.c:1251:3: warning:
DH_generate_parameters is deprecated
Right now this isn't super urgency, but within a couple months OpenSSL 1.1.0 is expected to be released and suddenly a lot more people will be hitting this issue.
-
m-oldap@bodyfour.uk