Suggest you try again starting from a new download (or after checking the
digest of your current download). This works fine for me, and many people must
have done similar builds without reporting this.
If that doesn't work, you'll need to specify the platform you're trying to
build on and the compiler and other build tools and versions you are using.
Regards,
jjf
From: Philip Bellino [mailto:pbell...@mrv.com]
Sent: Thursday, October 30, 2014 7:41 PM
Hello,
I am running in the following issue when I do a "make depend (after the
"./config shared no-ssl3"):
making depend in ssl...
make[3]: Entering directory '......./openssl-1.0.1j/ssl'
s3_lib.c:3370:4: #error Code needs update for SSLv23_method() support beyond
TLS1_2_VERSION.
d1_lib.c:274:4: #error Code needs update for DTLS_method() support beyond
DTLS1_VERSION.
make[3]: *** [depend] Error 1
In ssl/s3_lib.c, there is a new case statement in openssl-1.0.1j:
case SSL_CTRL_CHECK_PROTO_VERSION:
/* For library-internal use; checks that the current protocol
* is the highest enabled version (according to
s->ctx->method,
* as version negotiation may have changed s->method). */
if (s->version == s->ctx->method->version)
return 1;
/* Apparently we're using a version-flexible SSL_METHOD
* (not at its highest protocol version). */
if (s->ctx->method->version == SSLv23_method()->version)
{
#if TLS_MAX_VERSION != TLS1_2_VERSION
# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
#endif
if (!(s->options & SSL_OP_NO_TLSv1_2))
return s->version == TLS1_2_VERSION;
if (!(s->options & SSL_OP_NO_TLSv1_1))
return s->version == TLS1_1_VERSION;
if (!(s->options & SSL_OP_NO_TLSv1))
return s->version == TLS1_VERSION;
if (!(s->options & SSL_OP_NO_SSLv3))
return s->version == SSL3_VERSION;
if (!(s->options & SSL_OP_NO_SSLv2))
return s->version == SSL2_VERSION;
}
return 0; /* Unexpected state; fail closed
------------------------------------------------------------------------------------------------------
A grep -ri TLS_MAX_VERSION *
include/openssl/tls1.h:#define TLS_MAX_VERSION TLS1_2_VERSION
ssl/s23_clnt.c: /* ensure that TLS_MAX_VERSION is up-to-date */
ssl/s23_clnt.c: OPENSSL_assert(s->version <= TLS_MAX_VERSION);
ssl/s3_lib.c:#if TLS_MAX_VERSION != TLS1_2_VERSION
ssl/tls1.h:#define TLS_MAX_VERSION TLS1_2_VERSION
and a grep -ri DTLS_MAX_VERSION *
include/openssl/dtls1.h:#define DTLS_MAX_VERSION DTLS1_VERSION
ssl/dtls1.h:#define DTLS_MAX_VERSION DTLS1_VERSION
ssl/d1_lib.c:#if DTLS_MAX_VERSION != DTLS1_VERSION
ssl/d1_lib.c: return s->version == DTLS_MAX_VERSION;
This leads me to believe that the code should never have the above error
conditions occur, but in fact it is.
Any help would be most appreciated and I apologize if I am missing something in
my analysis.
Thanks,
Phil
Phil Bellino
Principal Software Engineer | MRV Communications Inc.
300 Apollo Drive | Chelmsford, MA 01824
Phone: 978-674-6870 | Fax: 978-674-6799
www.mrv.com
MRV-email
The contents of this message, together with any attachments, are intended only
for the use of the person(s) to whom they are addressed and may contain
confidential and/or privileged information. If you are not the intended
recipient, immediately advise the sender, delete this message and any
attachments and note that any distribution, or copying of this message, or any
attachment, is prohibited.
