Package: canl-c
Version: 3.0.0-6
Severity: normal
Tags: sid
control: affects -1 src:openssl
User: [email protected]
Usertags: openssl-4.0
OpenSSL 4.0 is in experimental. This package fails to build against it:
| libtool: compile: gcc -Wall -g -I./src/proxy -I. -g -O2
-Werror=implicit-function-declaration
-ffile-prefix-map=/build/reproducible-path/canl-c-3.0.0=.
-fstack-protector-strong -fstack-clash-protection -Wformat
-Werror=format-security -fcf-protection -Wdate-time -D_FORTIFY_SOURCE=2 -c
./src/canl_ssl.c -fPIC -I./src -I. -fPIC -DPIC -o .libs/canl_ssl.o
| ./src/canl_ssl.c: In function 'ssl_initialize':
| ./src/canl_ssl.c:111:40: error: passing argument 2 of
'X509_STORE_set_check_issued' from incompatible pointer type
[-Wincompatible-pointer-types]
| 111 | X509_STORE_set_check_issued(store, proxy_check_issued);
| | ^~~~~~~~~~~~~~~~~~
| | |
| | int (*)(X509_STORE_CTX *, X509
*, X509 *) {aka int (*)(struct x509_store_ctx_st *, struct x509_st *, struct
x509_st *)}
| In file included from /usr/include/openssl/x509.h:494,
| from /usr/include/openssl/ssl.h:34,
| from ./src/canl_ssl.h:5,
| from ./src/proxy/sslutils.h:64,
| from ./src/canl_locl.h:21,
| from ./src/canl_ssl.c:1:
| /usr/include/openssl/x509_vfy.h:556:36: note: expected
'X509_STORE_CTX_check_issued_fn' {aka 'int (*)(struct x509_store_ctx_st *,
const struct x509_st *, const struct x509_st *)'} but argument is of type 'int
(*)(X509_STORE_CTX *, X509 *, X509 *)' {aka 'int (*)(struct x509_store_ctx_st
*, struct x509_st *, struct x509_st *)'}
| 556 | X509_STORE_CTX_check_issued_fn check_issued);
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~
| ./src/proxy/sslutils.h:448:1: note: 'proxy_check_issued' declared here
| 448 | proxy_check_issued(
| | ^~~~~~~~~~~~~~~~~~
| /usr/include/openssl/x509_vfy.h:259:15: note:
'X509_STORE_CTX_check_issued_fn' declared here
| 259 | typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ./src/canl_ssl.c: In function 'check_hostname_cert':
| ./src/canl_ssl.c:480:18: warning: assignment discards 'const' qualifier from
pointer target type [-Wdiscarded-qualifiers]
| 480 | if(!(ext = X509_get_ext(serv_cert, i)) ||
| | ^
| ./src/canl_ssl.c:505:12: warning: assignment discards 'const' qualifier from
pointer target type [-Wdiscarded-qualifiers]
| 505 | sn = X509_get_subject_name(serv_cert);
| | ^
| ./src/canl_ssl.c:509:39: warning: initialization discards 'const' qualifier
from pointer target type [-Wdiscarded-qualifiers]
| 509 | X509_NAME_ENTRY *cn = X509_NAME_get_entry(sn, i);
| | ^~~~~~~~~~~~~~~~~~~
| ./src/canl_ssl.c: In function 'canl_ssl_ctx_set_clb':
| ./src/canl_ssl.c:1275:40: error: passing argument 2 of
'X509_STORE_set_check_issued' from incompatible pointer type
[-Wincompatible-pointer-types]
| 1275 | X509_STORE_set_check_issued(store, proxy_check_issued);
| | ^~~~~~~~~~~~~~~~~~
| | |
| | int (*)(X509_STORE_CTX *, X509
*, X509 *) {aka int (*)(struct x509_store_ctx_st *, struct x509_st *, struct
x509_st *)}
| /usr/include/openssl/x509_vfy.h:556:36: note: expected
'X509_STORE_CTX_check_issued_fn' {aka 'int (*)(struct x509_store_ctx_st *,
const struct x509_st *, const struct x509_st *)'} but argument is of type 'int
(*)(X509_STORE_CTX *, X509 *, X509 *)' {aka 'int (*)(struct x509_store_ctx_st
*, struct x509_st *, struct x509_st *)'}
| 556 | X509_STORE_CTX_check_issued_fn check_issued);
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~
| ./src/proxy/sslutils.h:448:1: note: 'proxy_check_issued' declared here
| 448 | proxy_check_issued(
| | ^~~~~~~~~~~~~~~~~~
| /usr/include/openssl/x509_vfy.h:259:15: note:
'X509_STORE_CTX_check_issued_fn' declared here
| 259 | typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ./src/canl_ssl.c: In function 'ssl_get_peer':
| ./src/canl_ssl.c:1319:13: warning: assignment discards 'const' qualifier from
pointer target type [-Wdiscarded-qualifiers]
| 1319 | subject = X509_get_subject_name(cert);
| | ^
| make[2]: *** [Makefile:123: canl_ssl.lo] Error 1
Full buildlog
https://breakpoint.cc/openssl-rebuild/logs-4/attempted/canl-c_3.0.0-6_amd64-2026-04-19T07:59:06Z
Sebastian
