- created a uniform shim layer for the Go code to invoke that does the
right thing depending on the version of openssl. functions that have
yet to be moved can be done so as needed.
- fixed the incorrect use of X509_STORE_CTX_get_app_data in verify_cb to
pull out the SSL object from the x509 store context, which causes
crashes when the SSL object index happens to not be zero.
- fix engine not being passed to HMAC_Init_ex
- fix HMAC tests not checking for failures with NewHMAC
On Fedora 23, the build fails like this:
go build
# github.com/spacemonkeygo/openssl
/usr/bin/ld: $WORK/github.com/spacemonkeygo/openssl/_obj/cert.cgo2.o: undefined reference to symbol 'EVP_dss1@@libcrypto.so.10'
/usr/lib64/libcrypto.so.10: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
Adding "libcrypto" to the linker flags fixes the issue.
We know that they've decided that OpenSSL is deprecated and the huge
list of warnings obscures any useful ones about the code we're actually
trying to build.