On Tue, Feb 21, 2012, Bruce Stephens wrote: > This is when built with fips enabled. The issue seems to be some > difference in gcc behaviour: > > make[3]: Entering directory `/releng/nightly/trunk/build/openssl/crypto/bn' > ../../util/domd ../.. -MD gcc -- -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB > -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DIC_LICENSE > -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,--noexecstack > -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT > -DOPENSSL_BN_ASM_GF2m > -I/releng/nightly/trunk/build/openssl/isode/../../openssl-fips/linux32//include > -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM > -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -I.. -I../.. -I../modes -I../asn1 > -I../evp -I../../include -Iyes -DOPENSSL_NO_DEPRECATED > -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_IDEA > -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 > -DOPENSSL_NO_RSAX -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -- bn_add.c bn_div.c > bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c bn_print.c bn_rand.c bn_shift.c > bn_word.c bn_blind.c bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c > bn_sqr.c bn_asm.c bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c > bn_depr.c bn_const.c bn_x931p.c > bn_div.c:144:1: error: "bn_div_words" redefined > In file included from > /releng/nightly/trunk/build/openssl/isode/../../openssl-fips/linux32//include/openssl/crypto.h:151, > from > /releng/nightly/trunk/build/openssl/isode/../../openssl-fips/linux32//include/openssl/bn.h:133, > from bn_div.c:60: > /releng/nightly/trunk/build/openssl/isode/../../openssl-fips/linux32//include/openssl/fipssyms.h:620:1: > error: this is the location of the previous definition > > This is with gcc-4.1.2. With gcc-4.6.2 I don't get any errors. If I add > suitable hackery: > > #if defined(bn_div_words) > #error "bn_div_words is defined" > #endif > > just before line 144 of bn_div.c then my build with 4.6.2 also fails, > suggesting it's not that some different combination of things is > happening, it's just that 4.6.2 silently permits redefinition of > macros. (Without the -Werror, 4.6.2 gives a warning for the > redefinition.) > > I don't see anything fixing this in CVS, so is this a bug, and what's a > suitable resolution? An easy fix is just to explicitly undefine > bn_div_words (and SHA1_Update in crypto/evp/e_aes_cbc_hmac_sha1.c which > is similarly problematic), but ought these to be redefined at all? > > Maybe these ought to be defined only if OPENSSL_FIPS isn't defined?
Please try the latest CVS, there have been some workarounds for these issues such as: http://cvs.openssl.org/chngview?cn=22031 These are only problems for "make depend" and don't show up on my system. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
