On 1/6/2017 1:51 PM, Axel Beckert wrote:
Hi,
On Thu, Jan 05, 2017 at 07:34:36PM -0800, Japheth Cleaver wrote:
4.3.28 RC2 has been released and should now be available on the SourceForge mirrors. You can download it at https://sourceforge.net/projects/xymon/files/Xymon/4.3.28-rc2/
There are a number of typos fixed from RC2, but RC2 is primarily of interest for those running older versions of OpenSSL (< 1.0.1) as RC1 was broken on those machines. But RC2 now seems broken in a different way (syntactically):
[…] gcc -g -O2 -fdebug-prefix-map=/home/abe/hobbit/xymon=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wl,-z,now -Wall -Wno-unused -Wno-pointer-sign -D_REENTRANT -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLINUX -I/home/abe/hobbit/xymon/include -DHAVE_OPENSSL -c -o contest.o contest.c contest.c: In function ‘setup_ssl’: contest.c:500:2: error: invalid preprocessing directive #elseif #elseif OPENSSL_VERSION_NUMBER >= 0x10001000L ^~~~~~ contest.c:501:5: error: duplicate case value case SSLVERSION_TLS12: ^~~~ contest.c:488:5: error: previously used here case SSLVERSION_TLS12: ^~~~ contest.c:504:5: error: duplicate case value case SSLVERSION_TLS11: ^~~~ contest.c:492:5: error: previously used here case SSLVERSION_TLS11: ^~~~ contest.c:507:5: error: duplicate case value case SSLVERSION_TLS10: ^~~~ contest.c:496:5: error: previously used here case SSLVERSION_TLS10: ^~~~ Makefile:51: recipe for target 'contest.o' failed make[2]: *** [contest.o] Error 1
The following patch fixes this:
Index: xymon/xymonnet/contest.c =================================================================== --- xymon.orig/xymonnet/contest.c 2017-01-06 22:06:24.432668546 +0100 +++ xymon/xymonnet/contest.c 2017-01-06 22:45:01.476559681 +0100 @@ -497,7 +497,7 @@ SSL_CTX_set_min_proto_version(item->sslctx, TLS1_VERSION); SSL_CTX_set_max_proto_version(item->sslctx, TLS1_VERSION); break; -#elseif OPENSSL_VERSION_NUMBER >= 0x10001000L +#elif OPENSSL_VERSION_NUMBER >= 0x10001000L case SSLVERSION_TLS12: SSL_CTX_set_options(item->sslctx, (SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1)); break;
Kind regards, Axel
Thanks. Didn't even get a warning on that on EL5 with it not hitting that. A bit too quick with the rewrites. Applied. Regards, -jc