New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tlsdate fails to build with openssl-1.1 (new API) #190

Open
Polynomial-C opened this Issue Aug 31, 2016 · 1 comment

Comments

Projects
None yet
1 participant
@Polynomial-C

Polynomial-C commented Aug 31, 2016

x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I.     -march=native -mtune=native -O2 -pipe  -Wall -fno-strict-aliasing -c -o src/src_tlsdate_helper-tlsdate-helper.o `test -f 'src/tlsdate-helper.c' || echo './'`src/tlsdate-helper.c
src/tlsdate-helper.c: In function ‘openssl_time_callback’:
src/tlsdate-helper.c:377:11: error: dereferencing pointer to incomplete type ‘SSL {aka const struct ssl_st}’
       (ssl->state == SSL3_ST_CR_SRVR_HELLO_A || ssl->state == SSL3_ST_CR_SRVR_H
           ^
src/tlsdate-helper.c:377:22: error: ‘SSL3_ST_CR_SRVR_HELLO_A’ undeclared (first use in this function)
       (ssl->state == SSL3_ST_CR_SRVR_HELLO_A || ssl->state == SSL3_ST_CR_SRVR_H
                      ^
src/tlsdate-helper.c:377:22: note: each undeclared identifier is reported only once for each function it appears in
src/tlsdate-helper.c:377:63: error: ‘SSL3_ST_CR_SRVR_HELLO_B’ undeclared (first use in this function)
       (ssl->state == SSL3_ST_CR_SRVR_HELLO_A || ssl->state == SSL3_ST_CR_SRVR_H
                                                               ^
src/tlsdate-helper.c: In function ‘get_certificate_keybits’:
src/tlsdate-helper.c:414:21: error: dereferencing pointer to incomplete type ‘EVP_PKEY {aka struct evp_pkey_st}’
   switch (public_key->type)
                     ^
src/tlsdate-helper.c:418:18: warning: implicit declaration of function ‘BN_num_bits’ [-Wimplicit-function-declaration]
       key_bits = BN_num_bits(public_key->pkey.rsa->n);
                  ^
src/tlsdate-helper.c: In function ‘check_san’:
src/tlsdate-helper.c:698:18: error: dereferencing pointer to incomplete type ‘X509_EXTENSION {aka struct X509_extension_st}’
         tmp = ext->value->data;
                  ^
src/tlsdate-helper.c: In function ‘run_ssl’:
src/tlsdate-helper.c:1128:3: warning: implicit declaration of function ‘SSL_load_error_strings’ [-Wimplicit-function-declaration]
   SSL_load_error_strings();
   ^
src/tlsdate-helper.c:1129:3: warning: implicit declaration of function ‘SSL_library_init’ [-Wimplicit-function-declaration]
   SSL_library_init();
   ^
src/tlsdate-helper.c:1147:23: warning: implicit declaration of function ‘TLSv1_client_method’ [-Wimplicit-function-declaration]
     ctx = SSL_CTX_new(TLSv1_client_method());
                       ^
src/tlsdate-helper.c:1147:23: warning: passing argument 1 of ‘SSL_CTX_new’ makes pointer from integer without a cast [-Wint-conversion]
In file included from ./src/tlsdate-helper.h:38:0,
                 from src/tlsdate-helper.c:78:
/usr/include/openssl/ssl.h:1302:17: note: expected ‘const SSL_METHOD * {aka const struct ssl_method_st *}’ but argument is of type ‘int’
 __owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
                 ^
src/tlsdate-helper.c:1211:27: error: dereferencing pointer to incomplete type ‘SSL {aka struct ssl_st}’
   memcpy(&result_time, ssl->s3->server_random, sizeof (uint32_t));
                           ^
make[1]: *** [Makefile:1972: src/src_tlsdate_helper-tlsdate-helper.o] Error 1
make[1]: Leaving directory '/var/tmp/portage/net-misc/tlsdate-0.0.13/work/tlsdate-0.0.13'
make: *** [Makefile:1366: all] Error 2

See also openssl-1.1 API changes

@Polynomial-C

This comment has been minimized.

Show comment
Hide comment
@Polynomial-C

Polynomial-C Sep 2, 2016

Please also note that openssl-1.1 can be compiled with three different compatibility levels:

--api=0.9.8, --api=1.0.0 and --api=1.1.0.

The important information here is that with --api=1.1.0 all interfaces seen as deprecated by openssl developers won't be available anymore. So please carefully check your code for usage of deprecated interfaces.

Polynomial-C commented Sep 2, 2016

Please also note that openssl-1.1 can be compiled with three different compatibility levels:

--api=0.9.8, --api=1.0.0 and --api=1.1.0.

The important information here is that with --api=1.1.0 all interfaces seen as deprecated by openssl developers won't be available anymore. So please carefully check your code for usage of deprecated interfaces.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment