openssl-1.0.1beta2 build failure on CentOS 5.5

Tue, 21 Feb 2012 10:54:01 -0800 

This is when built with fips enabled. The issue seems to be some
difference in gcc behaviour:

make[3]: Entering directory `/releng/nightly/trunk/build/openssl/crypto/bn'
../../util/domd ../.. -MD gcc -- -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB 
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DIC_LICENSE 
-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,--noexecstack 
-DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_GF2m 
-I/releng/nightly/trunk/build/openssl/isode/../../openssl-fips/linux32//include 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM 
-DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -I.. -I../.. -I../modes -I../asn1 
-I../evp -I../../include -Iyes -DOPENSSL_NO_DEPRECATED 
-DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA 
-DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 
-DOPENSSL_NO_RSAX -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE --  bn_add.c bn_div.c 
bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c bn_print.c bn_rand.c bn_shift.c 
bn_word.c bn_blind.c bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c 
bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c bn_depr.c 
bn_const.c bn_x931p.c
bn_div.c:144:1: error: "bn_div_words" redefined
In file included from 
/releng/nightly/trunk/build/openssl/isode/../../openssl-fips/linux32//include/openssl/crypto.h:151,
                 from 
/releng/nightly/trunk/build/openssl/isode/../../openssl-fips/linux32//include/openssl/bn.h:133,
                 from bn_div.c:60:
/releng/nightly/trunk/build/openssl/isode/../../openssl-fips/linux32//include/openssl/fipssyms.h:620:1:
 error: this is the location of the previous definition

This is with gcc-4.1.2. With gcc-4.6.2 I don't get any errors. If I add
suitable hackery:

#if defined(bn_div_words)
#error "bn_div_words is defined"
#endif

just before line 144 of bn_div.c then my build with 4.6.2 also fails,
suggesting it's not that some different combination of things is
happening, it's just that 4.6.2 silently permits redefinition of
macros. (Without the -Werror, 4.6.2 gives a warning for the
redefinition.)

I don't see anything fixing this in CVS, so is this a bug, and what's a
suitable resolution? An easy fix is just to explicitly undefine
bn_div_words (and SHA1_Update in crypto/evp/e_aes_cbc_hmac_sha1.c which
is similarly problematic), but ought these to be redefined at all?

Maybe these ought to be defined only if OPENSSL_FIPS isn't defined?
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to