I built it with VC-Win32 and got a problem: perl Configure VC-WIN32 no-hw enable-capieng -DOPENSSL_ SSL_CLIENT_ENGINE_AUTO=capi -DOPENSSL_CAPIENG_DIALOG ms\do_masm nmake -f ms\ntdll.mak .... .\ssl\d1_both.c(992) : warning C4761: integral size mismatch in argument; conversion supplied .\ssl\d1_both.c(992) : error C2220: warning treated as error - no object file ge nerated NMAKE : fatal error U1077: 'cl' : return code '0x2' Stop. 2010/1/21 Thor Lancelot Simon <t...@panix.com>
> On Thu, Jan 21, 2010 at 12:59:36AM +0100, OpenSSL wrote: > > > > The OpenSSL project team is pleased to announce the release of > > version 0.9.8m-beta1 of our open source toolkit for SSL/TLS. This new > > OpenSSL version is a security and bug fix beta release which > implements > > draft-ietf-tls-renegotiation-03.txt to address CVE-2009-3555. For a > > complete list of changes, please see > > http://www.openssl.org/source/exp/CHANGES. > > | *) Implement draft-ietf-tls-renegotiation-03. Re-enable > | renegotiation but require the extension as needed. Unfortunately, > | SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION turns out to be a > | bad idea. It has been replaced by > | SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set with > | SSL_CTX_set_options(). This is really not recommended unless you > | know what you are doing. > | [Eric Rescorla <e...@networkresonance.com>, Ben Laurie, Steve Henson] > > The change described above is a major API/ABI change. Now applications > must handle three different cases: > > 1) No built-in support for preventing unsafe renegotiation; do > it yourself with callbacks. > > 2) Built-in support controlled by > SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, no > #define at all for SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION > > 3) Built-in support controlled by > SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, no > #define for SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION > > I guess once again everyone gets to bump their major version numbers for > the OpenSSL shared libraries for a point release (this'll be the second > bump in three months for anyone who picked up 0.9.8l) and gets to write > application code full of nasty #if hacks which check the OpenSSL version > string. > > Yuck! > > Thor > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
