building openssh 9.0p1 with openssl 3.0.4 with -Werror=deprecated-declarations
on linux (gcc 10.2.1) I get the errors below. if i remove that flag it
builds fine, although that's not optimal. are there any plans to fix this?
libressl-api-compat.c: In function 'EVP_CIPHER_CTX_get_iv':
libressl-api-compat.c:357:3: error: 'EVP_CIPHER_CTX_iv' is deprecated:
Since OpenSSL 3.0 [-Werror=deprecated-declarations]
357 | memcpy(iv, EVP_CIPHER_CTX_iv(ctx), len);
| ^~~~~~
In file included from libressl-api-compat.c:154:
/usr/include/openssl/evp.h:624:44: note: declared here
624 | OSSL_DEPRECATEDIN_3_0 const unsigned char *EVP_CIPHER_CTX_iv(const
EVP_CIPHER_CTX *ctx);
| ^~~~~~~~~~~~~~~~~
libressl-api-compat.c: In function 'EVP_CIPHER_CTX_set_iv':
libressl-api-compat.c:386:3: error: 'EVP_CIPHER_CTX_iv_noconst' is
deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
386 | memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, len);
| ^~~~~~
In file included from libressl-api-compat.c:154:
/usr/include/openssl/evp.h:626:38: note: declared here
626 | OSSL_DEPRECATEDIN_3_0 unsigned char
*EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx);
| ^~~~~~~~~~~~~~~~~~~~~~~~~
cc -fstack-clash-protection -D_FORTIFY_SOURCE=2 -mtune=generic -O2 -pipe
-Wno-format-truncation -Wno-stringop-truncation
-fdebug-prefix-map=/builddir/openssh-9.0p1=. -pipe -Wno-error=format-truncation
-Wall -Wpointer-arith -Wuninitialized -Wimplicit-function-declaration
-Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign
-Wno-unused-result -Wimplicit-fallthrough -Wmisleading-indentation
-fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset
-fstack-protector-strong -Werror -fPIC -I. -I.. -I. -I./..
-D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -I/usr/include
-DHAVE_CONFIG_H -c getgrouplist.c
openssl-compat.c: In function 'ssh_libcrypto_init':
cc1: all warnings being treated as errors
openssl-compat.c:83:2: error: 'ENGINE_load_builtin_engines' is
deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
83 | ENGINE_load_builtin_engines();
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from openssl-compat.c:26:
/usr/include/openssl/engine.h:358:28: note: declared here
358 | OSSL_DEPRECATEDIN_3_0 void ENGINE_load_builtin_engines(void);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
openssl-compat.c:84:2: error: 'ENGINE_register_all_complete' is
deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations]
84 | ENGINE_register_all_complete();
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from openssl-compat.c:26:
/usr/include/openssl/engine.h:415:27: note: declared here
415 | OSSL_DEPRECATEDIN_3_0 int ENGINE_register_all_complete(void);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
On Mon, 27 Jun 2022, npiazza wrote:> building openssh 9.0p1 with openssl 3.0.4 with -Werror=deprecated-declarations > on linux (gcc 10.2.1) I get the errors below. if i remove that flag it > builds fine, although that's not optimal. are there any plans to fix this?No plans to fix it before the OpenSSL 1.1x API goes EoL, since we do need to support all of OpenSSL 1.1, LibreSSL, OpenSSL 3.0 and BoringSSL. We have suppressed the warnings via the OPENSSL_API_COMPAT mechanism. -d