quanah@openldap.org wrote:

Full_Name: Quanah Gibson-Mount Version: HEAD OS: N/A URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (47.208.148.239)

When attempting to link OpenLDAP to OpenSSL 1.0.2 series, where OpenSSL has been built with deprecated API's disabled, the build will fail. This is because RSA_F4 is deprecated in 1.0.2. In master, this is around line 1367:

#if OPENSSL_VERSION_NUMBER < 0x10100000 static RSA * tlso_tmp_rsa_cb( SSL *ssl, int is_export, int key_length )

This function needs to check < 1.0.2 rather than < 1.1

That would only be true if the RSA callback is not needed at all in 1.0.2. Is that true?