Source: openvpn
Version: 2.5.5-1
Severity: important
Tags: bookworm sid
User: pkg-openssl-de...@lists.alioth.debian.org
Usertags: ftbfs-3.0
control: forwarded -1
Your package is failing to build using OpenSSL 3.0 with the
following error:
| Testing cipher CHACHA20-POLY1305... OK
| Testing cipher SEED-CBC... FAILED
| 2022-02-26 17:17:22 Cipher negotiation is disabled since neither P2MP client
nor server mode is enabled
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 library versions: OpenSSL 3.0.1 14 Dec 2021, LZO 2.10
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 OpenSSL: error:0308010C:digital envelope
routines::unsupported
| 2022-02-26 17:17:22 EVP cipher init #1
| 2022-02-26 17:17:22 Exiting due to fatal error
| Testing cipher SEED-CFB... FAILED
| 2022-02-26 17:17:22 Cipher negotiation is disabled since neither P2MP client
nor server mode is enabled
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 library versions: OpenSSL 3.0.1 14 Dec 2021, LZO 2.10
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 OpenSSL: error:0308010C:digital envelope
routines::unsupported
| 2022-02-26 17:17:22 EVP cipher init #1
| 2022-02-26 17:17:22 Exiting due to fatal error
| Testing cipher SEED-OFB... FAILED
| 2022-02-26 17:17:22 Cipher negotiation is disabled since neither P2MP client
nor server mode is enabled
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 library versions: OpenSSL 3.0.1 14 Dec 2021, LZO 2.10
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 OpenSSL: error:0308010C:digital envelope
routines::unsupported
| 2022-02-26 17:17:22 EVP cipher init #1
| 2022-02-26 17:17:22 Exiting due to fatal error
|Testing cipher SM4-CBC... OK
| Testing cipher SM4-CFB... OK
| Testing cipher SM4-OFB... OK
| Testing cipher BF-CBC... FAILED
| 2022-02-26 17:17:22 Cipher negotiation is disabled since neither P2MP client
nor server mode is enabled
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 library versions: OpenSSL 3.0.1 14 Dec 2021, LZO 2.10
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 WARNING: INSECURE cipher (BF-CBC) with block size less
than 128 bit (64 bit). This allows attacks like SWEET32. Mitiga te by using a
--cipher with a larger block size (e.g. AES-256-CBC). Support for these
insecure ciphers will be removed in OpenVPN 2.7.
| 2022-02-26 17:17:22 OpenSSL: error:0308010C:digital envelope
routines::unsupported
| 2022-02-26 17:17:22 EVP cipher init #1
| 2022-02-26 17:17:22 Exiting due to fatal error
| Testing cipher BF-CFB... FAILED
| 2022-02-26 17:17:22 Cipher negotiation is disabled since neither P2MP client
nor server mode is enabled
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 library versions: OpenSSL 3.0.1 14 Dec 2021, LZO 2.10
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 WARNING: INSECURE cipher (BF-CFB) with block size less
than 128 bit (64 bit). This allows attacks like SWEET32. Mitiga te by using a
--cipher with a larger block size (e.g. AES-256-CBC). Support for these
insecure ciphers will be removed in OpenVPN 2.7.
| 2022-02-26 17:17:22 OpenSSL: error:0308010C:digital envelope
routines::unsupported
| 2022-02-26 17:17:22 EVP cipher init #1
| 2022-02-26 17:17:22 Exiting due to fatal error
| Testing cipher BF-OFB... FAILED
| 2022-02-26 17:17:22 Cipher negotiation is disabled since neither P2MP client
nor server mode is enabled
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 library versions: OpenSSL 3.0.1 14 Dec 2021, LZO 2.10
| 2022-02-26 17:17:22 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO]
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 21 2022
| 2022-02-26 17:17:22 WARNING: INSECURE cipher (BF-OFB) with block size less
than 128 bit (64 bit). This allows attacks like SWEET32. Mitiga te by using a