I'm attempting to refactor some old C code and run into an issue when compiling:
gcc -c -Wall -g -D_GNU_SOURCE -I/usr/bin/ssl/include cc_tls_verify.c -o cc_tls_verify.o
In file included from cc_tls_verify.c:10:
ssl.h:21:71: error: macro "SSL_CTX_build_cert_chain" passed 3 arguments, but takes just 2
21 | int SSL_CTX_build_cert_chain(SSL_CTX* ssl_ctx, X509** certs, int count);
| ^
In file included from ssl.h:4,
from cc_tls_verify.c:10:
/usr/include/openssl/ssl.h:1435: note: macro "SSL_CTX_build_cert_chain" defined here
1435 | # define SSL_CTX_build_cert_chain(ctx, flags) \
|
cc_tls_verify.c: In function ‘do_FCS_TLSC_EXT_1_1_tests’:
cc_tls_verify.c:378:5: warning: ‘TLSv1_2_method’ is deprecated: Since OpenSSL 1.1.0 [-Wdeprecated-declarations]
378 | ssl_ctx = init_ssl_server_ctx(TLSv1_2_method(), rsa_cert, rsa_priv_key, dh_param_file, TEST_EC_CURVE, ecdsa_cert, ecdsa_priv_key, rsa_root_cert);
| ^~~~~~~
In file included from ssl.h:4,
from cc_tls_verify.c:10:
/usr/include/openssl/ssl.h:2020:50: note: declared here
2020 | OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
| ^~~~~~~~~~~~~~
make: *** [Makefile:16: cc_tls_verify.o] Error 1
(Note: I am aware of the deprecated errors -- it is old code!)
I've got as far as realising that SSL_CTX_build_cert_chain only requires 2 arguments, but how do I pass through the certificate and the intermediate/CA certs as one argument?
Similarily, is there a way to run an older/backwards compatible version of libssl-dev in Ubuntu? (noting this code is purely for testing TLS connections an not actually protecting comms).
Proper compile of source code is expected
