I can't get the 1.0.1e SSL library to build when I specify the following config options:
shared no-ec2m no-idea no-krb5 no-mdc2 no-rc5 no-tlsext -DOPENSSL_IA32_SSE2 First I get warnings: s3_srvr.c: warning: implicit declaration of function 'ssl_check_clienthello_tlsext_late' s3_srvr.c: warning: implicit declaration of function 'tls12_get_sigandhash' s3_srvr.c: warning: implicit declaration of function 'tls12_get_sigid' s3_srvr.c: warning: implicit declaration of function 'tls12_get_hash' s3_clnt.c: warning: implicit declaration of function 'tls12_get_sigid' s3_clnt.c: warning: implicit declaration of function 'tls12_get_hash' Then the build fails altogether when compiling d1_srtp.c: d1_srtp.c: error: 'SSL_CTX' has no member named 'srtp_profiles' d1_srtp.c: error: 'SSL' has no member named 'srtp_profiles' If I rerun the config adding the 'no-srtp' option, I still get the 'implicit declaration' warnings and libssl is missing the following functions: ssl_check_clienthello_tlsext_late tls1_process_sigalgs tls12_get_req_sig_algs tls12_get_sigid tls12_get_hash tls12_get_sigandhash It looks like the fixes associated with PR: 2979 would resolve the 'ssl_check_clienthello_tlsext_late' warnings/errors. TLS extensions aren't REQUIRED for TLS 1.2 functionality, right? My reading of the RFC leads me to think that TLS 1.2 can function fine without extensions - albeit without support for some useful functionality (e.g. secure renegotiation). Thanks.
