* Kurt Roeckx: > On Mon, Jun 27, 2016 at 12:46:26AM +0200, Hilko Bengen wrote: >> control: tag -1 moreinfo >> >> Hi Kurt, >> >> I was able to get the yara build fixed by applying this simple patch: >> >> - const char* sig_alg = >> OBJ_nid2ln(OBJ_obj2nid(cert->sig_alg->algorithm)); >> + const char* sig_alg = OBJ_nid2ln(X509_get_signature_nid(cert)); >> >> However, since I don't really know a lot about OpenSSL's internals, I'm >> not sure if the fix is actually correct. > > Yes, that looks correct.
I have some more questions: YARA upstream has added some things, leading to further breakage with OpenSSL 1.1: 1. CRYPTO_LOCK is no longer defined, apparently because some locking functions have been removed: - CRYPTO_num_locks() - CRYPTO_set_id_callback() - CRYPTO_set_locking_callback() - CRYPTO_num_locks() What API am I supposed to use instead ... and is it also available with previous versions of OpenSSL? 2. i2c_ASN1_INTEGER() is no longer available outside the OpenSSL code base. What am I supposed to use instead? (What is this "context encoding", anyway?) Cheers, -Hilko