Welcome! Log In Create A New Profile

Advanced

Re: "Dereferencing Pointer To Incomplete Type" on ARM

Maxim Dounin
August 25, 2015 09:54AM
Hello!

On Mon, Aug 24, 2015 at 10:40:05PM -0400, vindicator wrote:

> Thanks, but no. I'm still getting that error:
> *****
> cc -c -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g
> -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs \
> -o objs/src/event/ngx_event_openssl.o \
> src/event/ngx_event_openssl.c
> src/event/ngx_event_openssl.c: In function ‘ngx_ssl_handshake’:
> src/event/ngx_event_openssl.c:1165:31: error: dereferencing pointer to
> incomplete type
> if (c->ssl->connection->s3) {
> ^
> src/event/ngx_event_openssl.c:1166:31: error: dereferencing pointer to
> incomplete type
> c->ssl->connection->s3->flags |=
> SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;
> ^
> src/event/ngx_event_openssl.c: In function
> ‘ngx_ssl_session_ticket_key_callback’:
> src/event/ngx_event_openssl.c:2866:9: error: implicit declaration of
> function ‘RAND_pseudo_bytes’ [-Werror=implicit-function-declaration]
> RAND_pseudo_bytes(iv, 16);
> ^
> cc1: all warnings being treated as errors
> *****

[...]

Oh, it looks like you are trying to build nginx against OpenSSL
master branch. As OpenSSL guys are changing things rapidly
nowadays, it's not really going to work. Try any released version
instead.

Quick and dirty fix below, but I wouldn't bet it will be enough to
build with OpenSSL master even in a week from now.

--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -1159,6 +1159,7 @@ ngx_ssl_handshake(ngx_connection_t *c)
c->send_chain = ngx_ssl_send_chain;

#ifdef SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
+#if 0

/* initial handshake done, disable renegotiation (CVE-2009-3555) */
if (c->ssl->connection->s3) {
@@ -1166,6 +1167,7 @@ ngx_ssl_handshake(ngx_connection_t *c)
}

#endif
+#endif

return NGX_OK;
}
@@ -2861,7 +2863,7 @@ ngx_ssl_session_ticket_key_callback(ngx_
ngx_hex_dump(buf, key[0].name, 16) - buf, buf,
SSL_session_reused(ssl_conn) ? "reused" : "new");

- RAND_pseudo_bytes(iv, 16);
+ RAND_bytes(iv, 16);
EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, key[0].aes_key, iv);
HMAC_Init_ex(hctx, key[0].hmac_key, 16,
ngx_ssl_session_ticket_md(), NULL);


--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

"Dereferencing Pointer To Incomplete Type" on ARM

vindicator August 19, 2015 09:15AM

Re: "Dereferencing Pointer To Incomplete Type" on ARM

vindicator August 20, 2015 05:45AM

Re: "Dereferencing Pointer To Incomplete Type" on ARM

Maxim Dounin August 24, 2015 12:26PM

Re: "Dereferencing Pointer To Incomplete Type" on ARM

vindicator August 24, 2015 10:40PM

Re: "Dereferencing Pointer To Incomplete Type" on ARM

Maxim Dounin August 25, 2015 09:54AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 77
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready