Le Friday 16 October 2009 13:28:00 Phil Pennock, vous avez écrit :
> On 2009-10-16 at 04:14 -0700, Phil Pennock wrote:
> > Crap. This is my code. Although the actual commit is revision 1.16 or
> > tls-openssl.c, which adds the reference to EVP_sha256(). That's for
> > Bugzilla #674.
> >
> > You're linking against OpenSSL, right?
> >
> > What does running:
> > openssl version
> > say?
> >
> > EVP_sha256() was added in 2004; surely any version of OpenSSL old enough
> > to lack this support has major security issues and is a danger to the
> > system it's running on?
> >
> > It looks like it might be 0.9.8-onwards. But I can't find any
> > authoritative statement to that effect, only third-party comments.
>
> Found statement in the changelog file inside an OpenSSL distribution.
> (Where I should perhaps have looked before using a search-engine.)
>
> Changes between 0.9.7h and 0.9.8 [05 Jul 2005]
> [...]
> *) New FIPS 180-2 algorithms, SHA-224/-256/-384/-512 are implemented.
> [Andy Polyakov and a number of other people]
>
> So, tiny patch attached to:
> http://bugs.exim.org/show_bug.cgi?id=674
> If you grab the one called:
> Make SHA256 loading conditional upon OpenSSL >= 0.9.8
> and apply it, do your build problems go away?
>
> -Phil
My openssl:
openssl-0.9.7m-1.caos (latest on Caos)
/usr/include/openssl/opensslv.h:#define OPENSSL_VERSION_NUMBER 0x009070dfL
Now with last commit in git/cvs ( 2009/10/16 12:38:01 BST )
1.18 +2 -0 exim/exim-src/src/tls-openssl.c
Now (without patch) i can compile the code
Thanks!
--Serge
--
