There's been some juggling of names between rustls_ffi 0.10.0 and 0.11.0, the mod_tls module fails to build ``` ./tls_cert.h:196:11: error: unknown type name 'rustls_client_cert_verifier' const rustls_client_cert_verifier **pverifier); ^ ./tls_cert.h:209:11: error: unknown type name 'rustls_client_cert_verifier_optional' const rustls_client_cert_verifier_optional **pverifier); ^ tls_cert.c:452:11: error: unknown type name 'rustls_client_cert_verifier' const rustls_client_cert_verifier *client_verifier; ^ tls_cert.c:453:11: error: unknown type name 'rustls_client_cert_verifier_optional' const rustls_client_cert_verifier_optional *client_verifier_opt; ^ tls_cert.c:461:9: warning: implicit declaration of function 'rustls_client_cert_verifier_free' is invalid in C99 [-Wimplicit-function-declaration] rustls_client_cert_verifier_free(entry->client_verifier); ^ tls_cert.c:465:9: warning: implicit declaration of function 'rustls_client_cert_verifier_optional_free' is invalid in C99 [-Wimplicit-function-declaration] rustls_client_cert_verifier_optional_free(entry->client_verifier_opt); ^ tls_cert.c:517:11: error: unknown type name 'rustls_client_cert_verifier' const rustls_client_cert_verifier **pverifier) ^ tls_cert.c:527:34: warning: implicit declaration of function 'rustls_client_cert_verifier_new' is invalid in C99 [-Wimplicit-function-declaration] entry->client_verifier = rustls_client_cert_verifier_new(store); ^ tls_cert.c:543:11: error: unknown type name 'rustls_client_cert_verifier_optional' const rustls_client_cert_verifier_optional **pverifier) ^ tls_cert.c:553:38: warning: implicit declaration of function 'rustls_client_cert_verifier_optional_new' is invalid in C99 [-Wimplicit-function-declaration] entry->client_verifier_opt = rustls_client_cert_verifier_optional_new(store); ^ 4 warnings and 6 errors generated. ``` From the https://github.com/rustls/rustls-ffi/blob/main/CHANGELOG.md rustls_client_cert_verifier became rustls_allow_any_authenticated_client_verifier and must be constructed from a rustls_allow_any_authenticated_client_builder. rustls_client_cert_verifier_optional became rustls_allow_any_anonymous_or_authenticated_client_verifier and must be constructed from a rustls_allow_any_anonymous_or_authenticated_client_builder.
Have they broken the API again?
Looks like it. Builds OK with rustls_ffi 0.10.0.
I think we skip v0.11.0 and see what new name changes v0.12.0 brings.
@Stefan - would a contribution to update to 0.13.0 be helpful? It may take me a little bit of time & some support.
I heard from Stefan out-of-band and he agreed to help support an update. I will try to start working on this Soon(TM).
I've put up an initial PR updating to rustls-ffi 0.13: https://github.com/apache/httpd/pull/439
I think this bug can be closed. Support is in-tree: https://svn.apache.org/viewvc?view=revision&revision=1917270
Thanks! Now I can try getting the mod_tls port on FreeBSD