error: ‘X509_V_ERR_HOSTNAME_MISMATCH’ undeclared (first use in this function) if (err == X509_V_ERR_HOSTNAME_MISMATCH)

[xiaoxiyouran]

/data/home/user00/xixie/nats.c/src/conn.c: In function ‘_collectSSLErr’:
/data/home/user00/xixie/nats.c/src/conn.c:602:20: error: ‘X509_V_ERR_HOSTNAME_MISMATCH’ undeclared (first use in this function)
if (err == X509_V_ERR_HOSTNAME_MISMATCH)
^
/data/home/user00/xixie/nats.c/src/conn.c:602:20: note: each undeclared identifier is reported only once for each function it appears in
/data/home/user00/xixie/nats.c/src/conn.c: In function ‘_makeTLSConn’:
/data/home/user00/xixie/nats.c/src/conn.c:693:17: warning: implicit declaration of function ‘SSL_get0_param’ [-Wimplicit-function-declaration]
X509_VERIFY_PARAM *param = SSL_get0_param(ssl);
^
/data/home/user00/xixie/nats.c/src/conn.c:693:44: warning: initialization makes pointer from integer without a cast [enabled by default]
X509_VERIFY_PARAM *param = SSL_get0_param(ssl);
^
/data/home/user00/xixie/nats.c/src/conn.c:694:17: warning: implicit declaration of function ‘X509_VERIFY_PARAM_set_hostflags’ [-Wimplicit-function-declaration]
X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
^
/data/home/user00/xixie/nats.c/src/conn.c:694:56: error: ‘X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS’ undeclared (first use in this function)
X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
^
/data/home/user00/xixie/nats.c/src/conn.c:695:17: warning: implicit declaration of function ‘X509_VERIFY_PARAM_set1_host’ [-Wimplicit-function-declaration]
if (!X509_VERIFY_PARAM_set1_host(param, nc->tlsName, 0))
^
make[2]: *** [src/CMakeFiles/nats.dir/conn.c.o] Error 1
make[1]: *** [src/CMakeFiles/nats.dir/all] Error 2

[kozlovic]

How did you configure and build? It almost looks like you are trying to compile with TLS (the default when setting up CMake env from scratch), but that there may not be any OpenSSL library available? But in that case I believe it cmake would have complained that it cannot find OpenSSL library...

[xiaoxiyouran]

Thanks for you quick response. I installed the openssl:
openssl version
OpenSSL 1.1.1g 21 Apr 2020

however, there are other two questions confused me.
1: ld seems to find the specified path: /usr/lib64/libssl.so, could you please tell me where to configure it.
now,I just simply link to the path:

root|11:13:01@/etc/ld.so.conf.d >>> mv /usr/lib64/libssl.so /usr/lib64/libssl.so.bk
root|11:13:56@/etc/ld.so.conf.d >>> ln -s /usr/local/lib64/libssl.so /usr/lib64/libssl.so
root|11:21:20@/etc/ld.so.conf.d >>> l /usr/lib64/libssl.so

Since the followed sequence not work.

root|11:12:58@/etc/ld.so.conf.d >>> ldconfig -p | grep ssl
libssl3.so (libc6,x86-64) => /usr/lib64/libssl3.so
libssl3.so (libc6) => /usr/lib/libssl3.so
libssl.so.10 (libc6,x86-64) => /usr/lib64/libssl.so.10
libssl.so.10 (libc6) => /usr/lib/libssl.so.10
libssl.so.6 (libc6,x86-64) => /usr/lib64/libssl.so.6
libssl.so.6 (libc6) => /usr/lib/libssl.so.6
libssl.so.1.1 (libc6,x86-64) => /usr/local/lib64/libssl.so.1.1
# correct path I installed, but it find lib /usr/lib64/libssl.so
libssl.so (libc6,x86-64) => /usr/local/lib64/libssl.so
libssl.so (libc6,x86-64) => /usr/lib64/libssl.so

2: how to build target with static openssl lib. Since most of machines don't have openss 1.1+ version.

[kozlovic]

I am using CMake to build, so I don't know the details on where to find the libraries.

Based on what you have provided, here is what I would do:

$ pwd
/data/home/user00/xixie/nats.c

$ mkdir build
$ cd build
$ cmake .. -DNATS_BUILD_TLS_USE_OPENSSL_1_1_API=ON

This will locate the OpenSSL library for you. If it does not find it, it will return an error.

Note that I have submitted a PR to be able to statically link the OpenSSL libraries. For that, you would need to remove the cache and pass that new option:

$ rm CMakeCache.txt
$ cmake .. -DNATS_BUILD_TLS_USE_OPENSSL_1_1_API=ON -DNATS_BUILD_OPENSSL_STATIC_LIBS=ON
$ make

That will make the NATS C client library be statically linked to the OpenSSL libraries (if found)