Your message dated Wed, 3 Jun 2026 18:07:06 +0300
with message-id <[email protected]>
and subject line Re: Bug#1138326: stunnel4: FTBFS with openssl 4.0
has caused the Debian Bug report #1138326,
regarding stunnel4: FTBFS with openssl 4.0
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1138326: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138326
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: stunnel4
Version: 3:5.77-1
Severity: normal
Tags: sid
control: affects -1 src:openssl
User: [email protected]
Usertags: openssl-4.0
OpenSSL 4.0 is in experimental. This package fails to build against it:
| gcc -DHAVE_CONFIG_H -I. -I/usr/kerberos/include -I/usr/include
-DLIBDIR='"/usr/lib/x86_64-linux-gnu/stunnel"' -DCONFDIR='"/etc/stunnel"'
-Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 -Werror=implicit-function-declaration
-ffile-prefix-map=/build/reproducible-path/stunnel4-5.77=.
-fstack-protector-strong -fstack-clash-protection -Wformat
-Werror=format-security -fcf-protection -Wall -pthread -Wextra -Wpedantic
-Wformat=2 -Wconversion -Wno-deprecated-declarations
-Wno-unused-command-line-argument -fPIE -fcf-protection=full
-D_FORTIFY_SOURCE=2 -c -o stunnel-verify.o `test -f 'verify.c' || echo
'./'`verify.c
| verify.c: In function ‘verify_checks’:
| verify.c:284:28: warning: passing argument 1 of ‘X509_NAME2text’ discards
‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
| 284 | subject=X509_NAME2text(X509_get_subject_name(cert));
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
| In file included from verify.c:38:
| prototypes.h:682:22: note: expected ‘X509_NAME *’ {aka ‘struct
X509_name_st *’} but argument is of type ‘const X509_NAME *’ {aka
‘const struct X509_name_st *’}
| 682 | char *X509_NAME2text(X509_NAME *);
| | ^~~~~~~~~~~
| verify.c: In function ‘cert_check_local’:
| verify.c:393:12: warning: assignment discards ‘const’ qualifier from
pointer target type [-Wdiscarded-qualifiers]
| 393 | subject=X509_get_subject_name(cert);
| | ^
| verify.c: In function ‘compare_pubkeys’:
| verify.c:449:24: error: invalid use of incomplete typedef
‘ASN1_BIT_STRING’ {aka ‘const struct asn1_string_st’}
| 449 | if(!k1 || !k2 || k1->length!=k2->length || k1->length<0 ||
| | ^~
| verify.c:449:36: error: invalid use of incomplete typedef
‘ASN1_BIT_STRING’ {aka ‘const struct asn1_string_st’}
| 449 | if(!k1 || !k2 || k1->length!=k2->length || k1->length<0 ||
| | ^~
| verify.c:449:50: error: invalid use of incomplete typedef
‘ASN1_BIT_STRING’ {aka ‘const struct asn1_string_st’}
| 449 | if(!k1 || !k2 || k1->length!=k2->length || k1->length<0 ||
| | ^~
| verify.c:450:27: error: invalid use of incomplete typedef
‘ASN1_BIT_STRING’ {aka ‘const struct asn1_string_st’}
| 450 | safe_memcmp(k1->data, k2->data, (size_t)k1->length))
| | ^~
| verify.c:450:37: error: invalid use of incomplete typedef
‘ASN1_BIT_STRING’ {aka ‘const struct asn1_string_st’}
| 450 | safe_memcmp(k1->data, k2->data, (size_t)k1->length))
| | ^~
| verify.c:450:55: error: invalid use of incomplete typedef
‘ASN1_BIT_STRING’ {aka ‘const struct asn1_string_st’}
| 450 | safe_memcmp(k1->data, k2->data, (size_t)k1->length))
| | ^~
| At top level:
| cc1: note: unrecognized command-line option
‘-Wno-unused-command-line-argument’ may have been intended to silence
earlier diagnostics
Full buildlog
https://breakpoint.cc/openssl-rebuild/logs-4/attempted/stunnel4_5.77-1_amd64-2026-04-19T13:40:56Z
Sebastian
--- End Message ---
--- Begin Message ---
control: notfound -1 3:5.78-1
On Sat, May 30, 2026 at 05:54:09PM +0200, Sebastian Andrzej Siewior wrote:
> Package: stunnel4
[snip]
> OpenSSL 4.0 is in experimental. This package fails to build against it:
>
> | gcc -DHAVE_CONFIG_H -I. -I/usr/kerberos/include -I/usr/include
> -DLIBDIR='"/usr/lib/x86_64-linux-gnu/stunnel"' -DCONFDIR='"/etc/stunnel"'
> -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 -Werror=implicit-function-declaration
> -ffile-prefix-map=/build/reproducible-path/stunnel4-5.77=.
> -fstack-protector-strong -fstack-clash-protection -Wformat
> -Werror=format-security -fcf-protection -Wall -pthread -Wextra -Wpedantic
> -Wformat=2 -Wconversion -Wno-deprecated-declarations
> -Wno-unused-command-line-argument -fPIE -fcf-protection=full
> -D_FORTIFY_SOURCE=2 -c -o stunnel-verify.o `test -f 'verify.c' || echo
> './'`verify.c
> | verify.c: In function ‘verify_checks’:
> | verify.c:284:28: warning: passing argument 1 of ‘X509_NAME2text’
> discards ‘const’ qualifier from pointer target type
> [-Wdiscarded-qualifiers]
> | 284 | subject=X509_NAME2text(X509_get_subject_name(cert));
> | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
> | In file included from verify.c:38:
> | prototypes.h:682:22: note: expected ‘X509_NAME *’ {aka ‘struct
> X509_name_st *’} but argument is of type ‘const X509_NAME *’ {aka
> ‘const struct X509_name_st *’}
> | 682 | char *X509_NAME2text(X509_NAME *);
> | | ^~~~~~~~~~~
This problem has been fixed in stunnel 5.78 in unstable and testing since April
23rd.
Still, thanks a lot for running these builds and filing the bugs!
G'luck,
Peter
--
Peter Pentchev [email protected] [email protected] [email protected]
PGP key: https://www.ringlet.net/roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
signature.asc
Description: PGP signature
--- End Message ---
