Re: OpenSSL for Linux

Fri, 09 Mar 2012 08:31:22 -0800 

This is an older Apache version that uses a few low level variables
directly of which one changed in the more recent versions of OpenSSL.

Woody


The following changes in Apache 2.0.x line will allow it to compile and run:

diff -uNrp httpd-2.0.63-orig/modules/ssl/ssl_engine_init.c
httpd-2.0.63/modules/ssl/ssl_engine_init.c
--- httpd-2.0.63-orig/modules/ssl/ssl_engine_init.c    2012-02-22
15:02:26.000000000 -0700
+++ httpd-2.0.63/modules/ssl/ssl_engine_init.c    2012-02-22
14:57:39.000000000 -0700
@@ -626,7 +626,7 @@ static void ssl_init_ctx_verify(server_r
             ssl_die();
         }
 
-        SSL_CTX_set_client_CA_list(ctx, (STACK *)ca_list);
+        SSL_CTX_set_client_CA_list(ctx, (_STACK *)ca_list);
     }
 
     /*
diff -uNrp httpd-2.0.63-orig/modules/ssl/ssl_util_ssl.c
httpd-2.0.63/modules/ssl/ssl_util_ssl.c
--- httpd-2.0.63-orig/modules/ssl/ssl_util_ssl.c    2006-07-12
01:40:55.000000000 -0600
+++ httpd-2.0.63/modules/ssl/ssl_util_ssl.c    2012-02-22
14:57:39.000000000 -0700
@@ -466,7 +466,7 @@ int SSL_CTX_use_certificate_chain(
     X509 *x509;
     unsigned long err;
     int n;
-    STACK *extra_certs;
+    _STACK *extra_certs;
 
     if ((bio = BIO_new(BIO_s_file_internal())) == NULL)
         return -1;



Mohamed Riyazudeen wrote on 03/08/2012 01:13 AM:
>
> Hi,
>
>  
>
>      We are using openssl1.0.0g for windows. But when we tried to use
> same for Linux, we are running into issue while compiling SSL module.
> And we found that the issue in Apache2.0.63 and openssl1.0.0g integration
>
>   
>
>         
>  http://serverfault.com/questions/159883/installing-apache-with-openssl
>
>  
>
>           https://issues.apache.org/bugzilla/show_bug.cgi?id=49034
>
>           https://issues.apache.org/bugzilla/show_bug.cgi?id=47578
>
>  
>
>     So we used openssl0.9.8s and its working  fine. Can we use 0.9.8s
> for Linux? Is there any vulnerability in openssl0.9.8s?
>
>  
>
> Regards,
>
> Riyaz
>


-- 

Gatewood Green
Principal Software Engineer
NitroSecurity, now part of McAfee
o: 2085528269
c: 2082067455
e: gatewood_gr...@mcafee.com
w: http://www.nitrosecurity.com/


Imagine, if you will, a world in which there are no hypothetical situations...

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to