Source: libfido2 Version: 1.8.0-1 Severity: important Dear Maintainer,
libfido2 fails to build with openssl3 from experimental: |[ 0%] Building C object src/CMakeFiles/fido2.dir/aes256.c.o |cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/src && /usr/bin/cc -DHAVE_CBOR_H -DHAVE_CLOCK_GETTIME -DHAVE_DEV_URANDOM -DHAVE_ENDIAN_H -DHAVE_ERR_H -DHAVE_EXPLICIT_BZERO -DHAVE_GETLINE -DHAVE_GETOPT -DHAVE_GETPAGESIZE -DHAVE_GETRANDOM -DHAVE_OPENSSLV_H -DHAVE_SIGACTION -DHAVE_SIGNAL_H -DHAVE_SYSCONF -DHAVE_SYS_RANDOM_H -DHAVE_UNISTD_H -DSIGNAL_EXAMPLE -DTLS=__thread -D_FIDO_INTERNAL -D_FIDO_MAJOR=1 -D_FIDO_MINOR=8 -D_FIDO_PATCH=0 -I/<<PKGBUILDDIR>>/src -D_POSIX_C_SOURCE=200809L -D_BSD_SOURCE -D_GNU_SOURCE -D_DEFAULT_SOURCE -std=c99 -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -Wall -Wextra -Werror -Wshadow -Wcast-qual -Wwrite-strings -Wmissing-prototypes -Wbad-function-cast -pedantic -pedantic-errors -fstack-protector-all -Wno-unused-result -Wconversion -Wsign-conversion -MD -MT src/CMakeFiles/fido2.dir/aes256.c.o -MF CMakeFiles/fido2.dir/aes256.c.o.d -o CMakeFiles/fido2.dir/aes256.c.o -c /<<PKGBUILDDIR>>/src/aes256.c |[ 0%] Generating eddsa_pk_new.3 |cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/man && cp -f /<<PKGBUILDDIR>>/man/eddsa_pk_new.3 . |[ 0%] Generating es256_pk_new.3 |cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/man && cp -f /<<PKGBUILDDIR>>/man/es256_pk_new.3 . |[ 0%] Generating fido2-assert.1 |cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/man && cp -f /<<PKGBUILDDIR>>/man/fido2-assert.1 . |[ 0%] Generating fido2-cred.1 |cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/man && cp -f /<<PKGBUILDDIR>>/man/fido2-cred.1 . |[ 0%] Generating fido2-token.1 |cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/man && cp -f /<<PKGBUILDDIR>>/man/fido2-token.1 . |/<<PKGBUILDDIR>>/src/assert.c: In function ‘fido_get_signed_hash’: |/<<PKGBUILDDIR>>/src/assert.c:389:3: error: ‘SHA256_Init’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations] | 389 | if (dgst->len < SHA256_DIGEST_LENGTH || SHA256_Init(&ctx) == 0 || | | ^~ |[...] |In file included from /<<PKGBUILDDIR>>/src/assert.c:8: |/usr/include/openssl/sha.h:76:27: note: declared here | 76 | OSSL_DEPRECATEDIN_3_0 int SHA256_Final(unsigned char *md, SHA256_CTX *c); | | ^~~~~~~~~~~~ |/<<PKGBUILDDIR>>/src/assert.c: In function ‘fido_verify_sig_es256’: |/<<PKGBUILDDIR>>/src/assert.c:433:6: error: ‘EVP_PKEY_get0_EC_KEY’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations] | 433 | (ec = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) { | | ^ |In file included from /<<PKGBUILDDIR>>/src/fido.h:11, | from /<<PKGBUILDDIR>>/src/assert.c:10: |/usr/include/openssl/evp.h:1372:25: note: declared here | 1372 | const struct ec_key_st *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey); | | ^~~~~~~~~~~~~~~~~~~~ |/<<PKGBUILDDIR>>/src/assert.c:433:10: error: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] | 433 | (ec = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) { | | ^ |/<<PKGBUILDDIR>>/src/assert.c:438:2: error: ‘ECDSA_verify’ is deprecated: Since OpenSSL 3.0 [-Werror=deprecated-declarations] [...] |cc1: all warnings being treated as errors |make[3]: *** [src/CMakeFiles/fido2.dir/build.make:93: src/CMakeFiles/fido2.dir/assert.c.o] Error 1 |make[3]: *** Waiting for unfinished jobs.... Filing this as important for now, as long as openssl3 is not in unstable. Michael