[stunnel-users] stunnel 5.38 released
Michał Trojnara
Michal.Trojnara at stunnel.org
Sun Nov 27 17:07:26 CET 2016
Hi Peter,
Yes, the src/dhparam.c file generated with OpenSSL older than 1.1.0 is
incompatible with OpenSSL 1.1.0. I forgot to use OpenSSL 1.1.0 to
create the file with the new release. Please just delete the file and
let OpenSSL 1.1.0 create a new one for you.
Best regards,
Mike
On 27.11.2016 02:29, Peter Pentchev wrote:
> On Sat, Nov 26, 2016 at 11:26:04PM +0100, Michał Trojnara wrote:
>> Dear Users,
>>
>> I have released version 5.38 of stunnel.
>
> Hi,
>
> Thanks for your continuing work on stunnel!
>
> Unfortunately, 5.38 doesn't compile with OpenSSL 1.1, at least with
> the 1.1.0c version in Debian unstable. It seems that the DH_set0_pqg()
> workaround was added with good reason - OpenSSL 1.1 wants us to treat
> a DH pointer as a pointer to an opaque structure, it hides the members.
>
> I'll apply the attached patch to the Debian package so that it'll
> build - it basically restores get_dh2048() to its 5.37 version.
> BTW, if you really want to remove the use of DH_set0_pqg(), it'd
> be a bit better to also remove the pre-1.1 implementation from
> src/ssl.c and the prototype in common.h.
>
> Thanks again for your time and work!
>
> G'luck,
> Peter
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20161127/a0b50016/attachment.sig>
More information about the stunnel-users
mailing list