Bug#828614: yara: FTBFS with openssl 1.1.0

Kurt Roeckx kurt at roeckx.be
Mon Jun 27 08:11:55 UTC 2016

On Mon, Jun 27, 2016 at 12:46:26AM +0200, Hilko Bengen wrote:
> control: tag -1 moreinfo
> Hi Kurt,
> I was able to get the yara build fixed by applying this simple patch:
> -      const char* sig_alg = OBJ_nid2ln(OBJ_obj2nid(cert->sig_alg->algorithm));
> +      const char* sig_alg = OBJ_nid2ln(X509_get_signature_nid(cert));
> However, since I don't really know a lot about OpenSSL's internals, I'm
> not sure if the fix is actually correct.

Yes, that looks correct.

> I have found neither the
> OpenSSL manpages nor upstream's wiki page about the API changes to be
> particularly helpful.
> A document describing to Debian maintainers how they need to change
> specific struct accesses would be very helpful.

It's hard to document everything you can come up with.  But it
boils down to that there are access functions.  "cert" is an X509
type, so you need an X509_* function to be able to get some
information of it.  And I guess you need to be a little familiar
with the API to know what an NID is, what an OBJ is, and so on.

But if you have suggestion, I would love to put it on the openssl


More information about the forensics-devel mailing list