Re: [openssl-dev] [openssl.org #4471] 1.1.0-pre4 safestack.h compilation errors with -Wcast-qual
This is fixed, but there are similar problems that still exist, for example: — #include #include int main(int argc, char **argv) { return 0; } — clang -Wcast-qual -o foo.o foo.c -I openssl-SNAP-20160516/include/ In file included from foo.c:1: In file included from openssl-SNAP-20160516/include/openssl/err.h:123: openssl-SNAP-20160516/include/openssl/lhash.h:265:1: warning: cast from 'const struct lhash_st_OPENSSL_STRING *' to 'struct lhash_st *' drops const qualifier [-Wcast-qual] DEFINE_LHASH_OF(OPENSSL_STRING); ^ openssl-SNAP-20160516/include/openssl/lhash.h:217:37: note: expanded from macro 'DEFINE_LHASH_OF' lh_node_stats_bio((_LHASH *)lh, out); \ ^ openssl-SNAP-20160516/include/openssl/lhash.h:265:1: warning: cast from 'const struct lhash_st_OPENSSL_STRING *' to 'struct lhash_st *' drops const qualifier [-Wcast-qual] openssl-SNAP-20160516/include/openssl/lhash.h:221:43: note: expanded from macro 'DEFINE_LHASH_OF' lh_node_usage_stats_bio((_LHASH *)lh, out); \ ^ openssl-SNAP-20160516/include/openssl/lhash.h:265:1: warning: cast from 'const struct lhash_st_OPENSSL_STRING *' to 'struct lhash_st *' drops const qualifier [-Wcast-qual] openssl-SNAP-20160516/include/openssl/lhash.h:225:32: note: expanded from macro 'DEFINE_LHASH_OF' lh_stats_bio((_LHASH *)lh, out); \ ^ openssl-SNAP-20160516/include/openssl/lhash.h:266:1: warning: cast from 'const struct lhash_st_OPENSSL_CSTRING *' to 'struct lhash_st *' drops const qualifier [-Wcast-qual] DEFINE_LHASH_OF(OPENSSL_CSTRING); ^ openssl-SNAP-20160516/include/openssl/lhash.h:217:37: note: expanded from macro 'DEFINE_LHASH_OF' lh_node_stats_bio((_LHASH *)lh, out); \ ^ openssl-SNAP-20160516/include/openssl/lhash.h:266:1: warning: cast from 'const struct lhash_st_OPENSSL_CSTRING *' to 'struct lhash_st *' drops const qualifier [-Wcast-qual] openssl-SNAP-20160516/include/openssl/lhash.h:221:43: note: expanded from macro 'DEFINE_LHASH_OF' lh_node_usage_stats_bio((_LHASH *)lh, out); \ ^ openssl-SNAP-20160516/include/openssl/lhash.h:266:1: warning: cast from 'const struct lhash_st_OPENSSL_CSTRING *' to 'struct lhash_st *' drops const qualifier [-Wcast-qual] openssl-SNAP-20160516/include/openssl/lhash.h:225:32: note: expanded from macro 'DEFINE_LHASH_OF' lh_stats_bio((_LHASH *)lh, out); \ ^ In file included from foo.c:1: openssl-SNAP-20160516/include/openssl/err.h:321:1: warning: cast from 'const struct lhash_st_ERR_STRING_DATA *' to 'struct lhash_st *' drops const qualifier [-Wcast-qual] DEFINE_LHASH_OF(ERR_STRING_DATA); ^ openssl-SNAP-20160516/include/openssl/lhash.h:217:37: note: expanded from macro 'DEFINE_LHASH_OF' lh_node_stats_bio((_LHASH *)lh, out); \ ^ In file included from foo.c:1: openssl-SNAP-20160516/include/openssl/err.h:321:1: warning: cast from 'const struct lhash_st_ERR_STRING_DATA *' to 'struct lhash_st *' drops const qualifier [-Wcast-qual] openssl-SNAP-20160516/include/openssl/lhash.h:221:43: note: expanded from macro 'DEFINE_LHASH_OF' lh_node_usage_stats_bio((_LHASH *)lh, out); \ ^ In file included from foo.c:1: openssl-SNAP-20160516/include/openssl/err.h:321:1: warning: cast from 'const struct lhash_st_ERR_STRING_DATA *' to 'struct lhash_st *' drops const qualifier [-Wcast-qual] openssl-SNAP-20160516/include/openssl/lhash.h:225:32: note: expanded from macro 'DEFINE_LHASH_OF' lh_stats_bio((_LHASH *)lh, out); \ ^ In file included from foo.c:2: openssl-SNAP-20160516/include/openssl/ssl.h:918:1: warning: cast from 'const struct ssl_cipher_st *' to 'void *' drops const qualifier [-Wcast-qual] DEFINE_STACK_OF_CONST(SSL_CIPHER) ^ openssl-SNAP-20160516/include/openssl/safestack.h:188:35: note: expanded from macro 'DEFINE_STACK_OF_CONST' # define DEFINE_STACK_OF_CONST(t) SKM_DEFINE_STACK_OF(t, const t, t) ^ openssl-SNAP-20160516/include/openssl/safestack.h:123:58: note: expanded from macro 'SKM_DEFINE_STACK_OF' return (t2 *)sk_delete_ptr((_STACK *)sk, (void *)ptr); \ ^ In file included from foo.c:2: openssl-SNAP-20160516/include/openssl/ssl.h:918:1: warning: cast from 'const struct ssl_cipher_st *' to 'void *' drops const qualifier [-Wcast-qual] openssl-SNAP-20160516/include/openssl/safestack.h:188:35: note: expanded from macro 'DEFINE_STACK_OF_CONST' # define DEFINE_STACK_OF_CONST(t) SKM_DEFINE_STACK_OF(t, const t, t) ^
[openssl-dev] [openssl.org #4471] 1.1.0-pre4 safestack.h compilation errors with -Wcast-qual
Attempting to compile this program: #include int main(int argc, char **argv) { return 0; } with -Wcast-qual (with both gcc and clang) results in errors like this (repeated a number of times). target/include/openssl/safestack.h:214:1: warning: cast from 'const struct stack_st_OPENSSL_STRING *' to 'struct stack_st *' drops const qualifier [-Wcast-qual] DEFINE_SPECIAL_STACK_OF(OPENSSL_STRING, char) ^ target/include/openssl/safestack.h:186:42: note: expanded from macro 'DEFINE_SPECIAL_STACK_OF' # define DEFINE_SPECIAL_STACK_OF(t1, t2) SKM_DEFINE_STACK_OF(t1, t2, t2) ^ target/include/openssl/safestack.h:95:33: note: expanded from macro 'SKM_DEFINE_STACK_OF' return sk_num((_STACK *)sk); \ ^ This doesn’t happen with 1.0.2g. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4471 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
1.0.1a build failure on OS X
I just tried building 1.0.1a on OS X (Lion, if it matters), and it failed with: Undefined symbols for architecture x86_64: _rc4_md5_enc, referenced from: _rc4_hmac_md5_cipher in libcrypto.a(e_rc4_hmac_md5.o) ld: symbol(s) not found for architecture x86_64 Looking through the CVS logs, I found: 2011-Nov-15 13:39 1.1.2.4 Check-in [21726] on branch OpenSSL_1_0_1-stable: e_rc4_hmac_md5.c: make it work on darwin64, which is configured with RC4_CHAR. By appro. (diff) and applying that patch appears to fix the problem, but it looks like it was reverted (possibly unintentionally?) in 1.1.2.4.2.1 and 1.1.2.5.__ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2797] 1.0.1a build failure on OS X
I just tried building 1.0.1a on OS X (Lion, if it matters), and it failed with: Undefined symbols for architecture x86_64: _rc4_md5_enc, referenced from: _rc4_hmac_md5_cipher in libcrypto.a(e_rc4_hmac_md5.o) ld: symbol(s) not found for architecture x86_64 Looking through the CVS logs, I found: 2011-Nov-15 13:39 1.1.2.4 Check-in [21726] on branch OpenSSL_1_0_1-stable: e_rc4_hmac_md5.c: make it work on darwin64, which is configured with RC4_CHAR. By appro. (diff) and applying that patch appears to fix the problem, but it looks like it was reverted (possibly unintentionally?) in 1.1.2.4.2.1 and 1.1.2.5. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
signed/unsigned warnings in crypto/bn/bn_lib.c
Here's a small patch to remove a few 'comparison between signed and unsigned' in crypto/bn/bn_lib.c, obtained by compiling openssl 0.9.4 with gcc -W -Wall. Brian -- --- bn_lib.c.oldFri Aug 20 15:59:12 1999 +++ bn_lib.cFri Aug 20 15:57:03 1999 @@ -84,28 +84,28 @@ { if (mult = 0) { - if (mult (sizeof(int)*8)-1) + if ((unsigned int)mult (sizeof(int)*8)-1) mult=sizeof(int)*8-1; bn_limit_bits=mult; bn_limit_num=1mult; } if (high = 0) { - if (high (sizeof(int)*8)-1) + if ((unsigned int)high (sizeof(int)*8)-1) high=sizeof(int)*8-1; bn_limit_bits_high=high; bn_limit_num_high=1high; } if (low = 0) { - if (low (sizeof(int)*8)-1) + if ((unsigned int)low (sizeof(int)*8)-1) low=sizeof(int)*8-1; bn_limit_bits_low=low; bn_limit_num_low=1low; } if (mont = 0) { - if (mont (sizeof(int)*8)-1) + if ((unsigned int)mont (sizeof(int)*8)-1) mont=sizeof(int)*8-1; bn_limit_bits_mont=mont; bn_limit_num_mont=1mont; @@ -551,7 +551,7 @@ BN_ULONG ret=0; n=BN_num_bytes(a); - if (n sizeof(BN_ULONG)) + if ((unsigned int)n sizeof(BN_ULONG)) return(BN_MASK2); for (i=a-top-1; i=0; i--) { @@ -569,7 +569,7 @@ int BN_set_word(BIGNUM *a, BN_ULONG w) { int i,n; - if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0); + if (bn_expand(a,(int)sizeof(BN_ULONG)*8) == NULL) return(0); n=sizeof(BN_ULONG)/BN_BYTES; a-neg=0; __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: creating a subset of openssl
On Wed, 30 Jun 1999, Ulf [iso-8859-1] Möller wrote: - US Export control issues. We only need DSA, SHA1, MD5, and randomness (and possibly RSA when the patent expires). Since BIND must be exportable, it would be nice to be able to strip out the code for unneeded algorithms before running config, so that we can distribute a subset in the BIND distribution. As mentioned in INSTALL, this requires that you run "make depend". The makedepend binary comes with Linux, for example. (In the current development version, config checks for missing ciphers. In 0.9.3a you still need to give the corresponding no-xxx options manually.) In the current snapshot (openssl-SNAP-19990629), I did: rm -rf bf cast des dh idea md2 mdc2 rc2 rc4 rc5 ripemd rsa from the crypto directory. config enters an infinite loop: make[3]: Leaving directory `/usr/home/bwelling/openssl-SNAP-19990629/crypto/hmac' /bin/sh: ripemd: No such file or directory making links in crypto/ripemd... make[3]: Entering directory `/usr/home/bwelling/openssl-SNAP-19990629/crypto' - Cipher disables. Many of the ciphers can be disabled by config options. Some of these don't work (no-hmac dies with an #error, no-ripemd has no effect). Fixed. Thanks for pointing it out. I have verified that you can now build libcrypto (except for the PRNG) with no ciphers at all :-) and ssl/ and apps/ with just rsa, des, md5, sha and hmac. Thanks. The compile's dying in crypto/evp for me, though. gcc -I.. -I../../include -DTHREADS -D_REENTRANT -DNO_BF -DNO_CAST -DNO_DES -DNO_DH -DNO_IDEA -DNO_MD2 -DNO_MDC2 -DNO_RC2 -DNO_RC4 -DNO_RC5 -DNO_RIPEMD -DNO_RSA -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -c m_ripemd.c -o m_ripemd.o m_ripemd.c:69: `RIPEMD160_DIGEST_LENGTH' undeclared here (not in a function) m_ripemd.c:69: initializer element for `ripemd160_md.md_size' is not constant m_ripemd.c:70: `RIPEMD160_Init' undeclared here (not in a function) m_ripemd.c:70: initializer element for `ripemd160_md.init' is not constant m_ripemd.c:71: `RIPEMD160_Update' undeclared here (not in a function) m_ripemd.c:71: initializer element for `ripemd160_md.update' is not constant m_ripemd.c:72: `RIPEMD160_Final' undeclared here (not in a function) m_ripemd.c:72: initializer element for `ripemd160_md.final' is not constant m_ripemd.c:74: `RIPEMD160_CBLOCK' undeclared here (not in a function) m_ripemd.c:74: initializer element for `ripemd160_md.block_size' is not constant m_ripemd.c:75: `RIPEMD160_CTX' undeclared here (not in a function) - Other disables. Options such as no-asn1, no-pkcs7, no-pkcs12, no-x509 would be useful, as these would significantly shrink the size of libcrypto.a as well as the source. That is a very useful suggestion. I'll look into it in a week or so. Thanks again. Disabling SSL would be nice also, but isn't as important, since it's not linked into libcrypto. You can just ignore the ssl directory completely. If you run make in the crypto directory, SSL/TLS doesn't get compiled. OK, that's good to know. Brian __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]