Hello,
I have tested OPENSSL-1.0.2-STABLE-SNAP-20140107 and found the following
problems that are mostly corrected (except the missing header file) with the
patch below:
1. missing header file unbound.h
#include <unbound.h>
.^
%CC-F-NOINCLFILEF, Cannot find file <unbound.h> specified in #include
directive.
at line number 15 in file
DKA0:[WORK.openssl-102-stable-SNAP-20140107.ssl]dnssec.c;1
I have looked closer the dnssec.c code, but the best is that the author
decides what to do.
2. missing files from the ssl-lib
*** [.ssl]ssl-lib.com;1 Fri Jan 11 16:09:33 2013
--- [.ssl]ssl-lib.com;7 Tue Jan 7 21:57:20 2014
*************** $!
*** 214,228 ****
$! Define The Different SSL "library" Files.
$!
$ LIB_SSL = "s2_meth,s2_srvr,s2_clnt,s2_lib,s2_enc,s2_pkt,"+ -
! "s3_meth,s3_srvr,s3_clnt,s3_lib,s3_enc,s3_pkt,s3_both,"+ -
"s23_meth,s23_srvr,s23_clnt,s23_lib,s23_pkt,"+ -
! "t1_meth,t1_srvr,t1_clnt,t1_lib,t1_enc,"+ -
"d1_meth,d1_srvr,d1_clnt,d1_lib,d1_pkt,"+ -
"d1_both,d1_enc,d1_srtp,"+ -
"ssl_lib,ssl_err2,ssl_cert,ssl_sess,"+ -
! "ssl_ciph,ssl_stat,ssl_rsa,"+ -
"ssl_asn1,ssl_txt,ssl_algs,"+ -
! "bio_ssl,ssl_err,kssl,tls_srp,t1_reneg"
$!
$ COMPILEWITH_CC5 = ""
$!
--- 214,228 ----
$! Define The Different SSL "library" Files.
$!
$ LIB_SSL = "s2_meth,s2_srvr,s2_clnt,s2_lib,s2_enc,s2_pkt,"+ -
! "s3_meth,s3_srvr,s3_clnt,s3_lib,s3_enc,s3_pkt,s3_both,s3_cbc,"+
-
"s23_meth,s23_srvr,s23_clnt,s23_lib,s23_pkt,"+ -
! "t1_meth,t1_srvr,t1_clnt,t1_lib,t1_enc,t1_reneg,t1_trce,"+ -
"d1_meth,d1_srvr,d1_clnt,d1_lib,d1_pkt,"+ -
"d1_both,d1_enc,d1_srtp,"+ -
"ssl_lib,ssl_err2,ssl_cert,ssl_sess,"+ -
! "ssl_ciph,ssl_conf,ssl_stat,ssl_rsa,"+ -
"ssl_asn1,ssl_txt,ssl_algs,"+ -
! "bio_ssl,ssl_err,kssl,tls_srp,dnssec"
$!
$ COMPILEWITH_CC5 = ""
$!
3. missing files from the crypto_lib.com
*** [.crypto]crypto-lib.com;1 Fri Jan 11 16:09:33 2013
--- [.crypto]crypto-lib.com;6 Tue Jan 7 20:36:15 2014
*************** $ LIB_CAMELLIA = "camellia,cmll_misc,cml
*** 234,240 ****
"cmll_cfb,cmll_ctr,cmll_utl"
$ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb"
$ LIB_MODES = "cbc128,ctr128,cts128,cfb128,ofb128,gcm128,"+ -
! "ccm128,xts128"
$ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN -
LIB_BN_ASM = "bn_asm"
--- 234,240 ----
"cmll_cfb,cmll_ctr,cmll_utl"
$ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb"
$ LIB_MODES = "cbc128,ctr128,cts128,cfb128,ofb128,gcm128,"+ -
! "ccm128,xts128,wrap128"
$ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN -
LIB_BN_ASM = "bn_asm"
*************** $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa
*** 256,263 ****
"dsa_err,dsa_ossl,dsa_depr,dsa_ameth,dsa_pmeth,dsa_prn"
$ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err"
$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr,"+ -
! "dh_ameth,dh_pmeth,dh_prn,dh_rfc5114"
! $ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err"
$ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ -
"dso_openssl,dso_win32,dso_vms,dso_beos"
$ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ -
--- 256,263 ----
"dsa_err,dsa_ossl,dsa_depr,dsa_ameth,dsa_pmeth,dsa_prn"
$ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err"
$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr,"+ -
! "dh_ameth,dh_pmeth,dh_prn,dh_rfc5114,dh_kdf"
! $ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err,ech_kdf"
$ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ -
"dso_openssl,dso_win32,dso_vms,dso_beos"
$ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ -
*************** $ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_
*** 337,343 ****
$ LIB_KRB5 = "krb5_asn"
$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ -
"cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess,"+ -
! "cms_pwri"
$ LIB_PQUEUE = "pqueue"
$ LIB_TS = "ts_err,ts_req_utils,ts_req_print,ts_rsp_utils,ts_rsp_print,"+
-
"ts_rsp_sign,ts_rsp_verify,ts_verify_ctx,ts_lib,ts_conf,"+ -
--- 337,343 ----
$ LIB_KRB5 = "krb5_asn"
$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ -
"cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess,"+ -
! "cms_pwri,cms_kari"
$ LIB_PQUEUE = "pqueue"
$ LIB_TS = "ts_err,ts_req_utils,ts_req_print,ts_rsp_utils,ts_rsp_print,"+
-
"ts_rsp_sign,ts_rsp_verify,ts_verify_ctx,ts_lib,ts_conf,"+ -
4. fixing symhacks.h for long function manes
*** [.crypto]symhacks.h;1 Fri Jan 11 16:09:33 2013
--- [.crypto]symhacks.h;5 Tue Jan 7 22:18:17 2014
***************
*** 214,220 ****
#define SSL_SESSION_get_tlsext_authz_server_audit_proof \
S_SES_get_tlsx_auz_srvr_aud_prf
! /* Hack some long ENGINE names */
#undef ENGINE_get_default_BN_mod_exp_crt
#define ENGINE_get_default_BN_mod_exp_crt
ENGINE_get_def_BN_mod_exp_crt
#undef ENGINE_set_default_BN_mod_exp_crt
--- 214,231 ----
#define SSL_SESSION_get_tlsext_authz_server_audit_proof \
S_SES_get_tlsx_auz_srvr_aud_prf
! #undef ssl3_cbc_record_digest_supported
! #define ssl3_cbc_record_digest_supported
ssl3_cbc_record_digest_support
! #undef ssl_check_clienthello_tlsext_late
! #define ssl_check_clienthello_tlsext_late
ssl_check_clihello_tlsext_late
! #undef ssl_check_clienthello_tlsext_early
! #define ssl_check_clienthello_tlsext_early
ssl_check_clihello_tlsext_early
!
! /* Hack some RSA long names */
! #undef RSA_padding_check_PKCS1_OAEP_mgf1
! #define RSA_padding_check_PKCS1_OAEP_mgf1
RSA_pad_check_PKCS1_OAEP_mgf1
!
! /* Hack some ENGINE long names */
#undef ENGINE_get_default_BN_mod_exp_crt
#define ENGINE_get_default_BN_mod_exp_crt
ENGINE_get_def_BN_mod_exp_crt
#undef ENGINE_set_default_BN_mod_exp_crt
***************
*** 423,428 ****
--- 434,451 ----
#define CMS_OriginatorIdentifierOrKey_it CMS_OriginatorIdOrKey_it
#undef cms_SignerIdentifier_get0_signer_id
#define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id
+ #undef CMS_RecipientInfo_kari_get0_orig_id
+ #define CMS_RecipientInfo_kari_get0_orig_id
CMS_RecipInfo_kari_get0_orig_id
+ #undef CMS_RecipientInfo_kari_get0_reks
+ #define CMS_RecipientInfo_kari_get0_reks
CMS_RecipInfo_kari_get0_reks
+ #undef CMS_RecipientEncryptedKey_cert_cmp
+ #define CMS_RecipientEncryptedKey_cert_cmp
CMS_RecipEncryptedKey_cert_cmp
+ #undef CMS_RecipientInfo_kari_set0_pkey
+ #define CMS_RecipientInfo_kari_set0_pkey
CMS_RecipInfo_kari_set0_pkey
+ #undef CMS_RecipientEncryptedKey_get0_id
+ #define CMS_RecipientEncryptedKey_get0_id
CMS_RecipEncryptedKey_get0_id
+ #undef CMS_RecipientInfo_kari_orig_id_cmp
+ #define CMS_RecipientInfo_kari_orig_id_cmp
CMS_RecipInfo_kari_orig_id_cmp
/* Hack some long DTLS1 names */
#undef dtls1_retransmit_buffered_messages
Thank you.
Regards,
Z
