Hello,
I am new
to openssl and am trying to compile libraries for Win32 environment. I
used the "ms\do_ms fips" command as I don't really care right now about
recompiling the assembly. I am getting the following
error:
cl /Fotmp32\ssltest.obj
-Iinc32 -Itmp32 /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo
-DOPENSSL_SY
SNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32
/Fdout32 -DOPENSSL_NO_KRB5 -DOPENSSL_FIPS -c
.\ssl\s
sltest.c
ssltest.c
.\ssl\ssltest.c(1979) : error C2065: 's' :
undeclared identifier
.\ssl\ssltest.c(1979) : error C2223: left of
'->version' must point to struct/union
.\ssl\ssltest.c(1984) : error
C2223: left of '->version' must point to struct/union
NMAKE : fatal error
U1077: 'cl' : return code '0x2'
Stop.
The following code is from ssltest.c. I don't see a structure
variable called s in the function. Can you tell me if the bad section of
code is needed or not? I have commented out the piece of code where the
variable s is being called.
static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void
*arg)
{
int ok=1;
struct app_verify_arg *cb_arg = arg;
unsigned
int letters[26]; /* only used with proxy_auth */
if
(cb_arg->app_verify)
{
char *s =
NULL,buf[256];
fprintf(stderr, "In app_verify_callback, allowing cert.
");
fprintf(stderr, "Arg is: %s\n",
cb_arg->string);
fprintf(stderr, "Finished printing do we have a
context? 0x%p a cert? 0x%p\n",
(void *)ctx, (void *)ctx->cert);
if
(ctx->cert)
s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
if
(s != NULL)
{
fprintf(stderr,"cert depth=%d
%s\n",ctx->error_depth,buf);
}
return(1);
}
if
(cb_arg->proxy_auth)
{
int found_any = 0, i;
char
*sp;
for(i = 0; i < 26; i++)
letters[i] = 0;
for(sp =
cb_arg->proxy_auth; *sp; sp++)
{
char c = *sp;
if
(isascii(c) && isalpha(c))
{
if (islower(c))
c =
toupper(c);
letters[c - 'A'] =
1;
}
}
fprintf(stderr,
" Initial proxy rights
= ");
for(i = 0; i < 26; i++)
if
(letters[i])
{
fprintf(stderr, "%c", i + 'A');
found_any =
1;
}
if (!found_any)
fprintf(stderr,
"none");
fprintf(stderr,
"\n");
X509_STORE_CTX_set_ex_data(ctx,
get_proxy_auth_ex_data_idx(),letters);
}
if
(cb_arg->allow_proxy_certs)
{
X509_STORE_CTX_set_flags(ctx,
X509_V_FLAG_ALLOW_PROXY_CERTS);
}
*********************************************** START OF BAD CODE
********************************************
#ifndef OPENSSL_NO_X509_VERIFY
# ifdef
OPENSSL_FIPS
if(s->version == TLS1_VERSION)
FIPS_allow_md5(1);
#
endif
ok = X509_verify_cert(ctx);
# ifdef
OPENSSL_FIPS
if(s->version == TLS1_VERSION)
FIPS_allow_md5(0);
#
endif
#endif
*************************************************************
END OF BAD CODE
***********************************
if
(cb_arg->proxy_auth)
{
if (ok)
{
const char *cond_end =
NULL;
ok = process_proxy_cond(letters,
cb_arg->proxy_cond,
&cond_end);
if (ok < 0)
EXIT(3);
if
(*cond_end)
{
fprintf(stderr, "Stopped processing condition before
it's end.\n");
ok = 0;
}
if (!ok)
fprintf(stderr,
"Proxy rights check with condition '%s' proved
invalid\n",
cb_arg->proxy_cond);
else
fprintf(stderr,
"Proxy rights check with condition '%s' proved
valid\n",
cb_arg->proxy_cond);
}
}
return(ok);
}
Locked
