Bug#982705: openssh: FTBFS: sha2.h:57:16: error: redefinition of ‘struct _SHA2_CTX’

Sat, 13 Feb 2021 23:36:15 -0800 

Hello,

On Sat, Feb 13, 2021 at 06:04:32PM +0100, Lucas Nussbaum wrote:
> Source: openssh
> Version: 1:8.4p1-3
> Severity: serious
> Justification: FTBFS on amd64
[...]
> > In file included from ../../sk-usbhid.c:30:
> > /usr/include/sha2.h:57:16: error: redefinition of ‘struct _SHA2_CTX’
[...]
> > ../../openbsd-compat/sha2.h:66:16: note: originally defined here
[...]

This problem seems to be caused by configure not finding the
SHA{256,384,512}Update functions and thus not defining HAVE_*
for them to make openbsd-compat/sha2.h ifndef's bail out.

The build log says:
```
checking for SHA256Update... no
checking for SHA384Update... no
checking for SHA512Update... no
```

More info on why is in config.log :

```
configure:11580: checking for SHA256Update
configure:11580: cc -o conftest -g -O2 -ffile-prefix-map=/tmp/openssh-8.4p1=. 
-fstack-protector-strong -Wformat -Werror=format-security -pipe 
-Wno-error=format-truncation -Wall -Wextra -Wpointer-arith -Wuninitialized 
-Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign 
-Wno-unused-parameter -Wno-unused-result -Wimplicit-fallthrough 
-fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset 
-fstack-protector-strong -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/tmp/openssh-8.4p1=. -fstack-protector-strong -Wformat 
-Werror=format-security -DSSH_EXTRAVERSION=\"Debian-3\" -Wdate-time 
-D_FORTIFY_SOURCE=2 -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE 
-I/usr/include/editline -Wl,-z,relro -Wl,-z,now -Wl,-z,relro -Wl,-z,now 
-Wl,-z,noexecstack -fstack-protector-strong -Wl,--as-needed -Wl,-z,relro 
-Wl,-z,now conftest.c -lutil -lz  >&5
<command-line>: warning: missing terminating " character
/usr/bin/ld: /tmp/cc7rTcJW.o: in function `main':
./debian/build-deb/conftest.c:153: undefined reference to `SHA256Update'
collect2: error: ld returned 1 exit status
```

Seems like some linker flag (-lmd) is missing to make the test program
succeed. OpenSSH uses AC_CHECK_FUNCS to check for SHA256Update, etc.
This macro doesn't have any way to pass in -lmd as far as I can tell....
(Which in turn makes me wonder if something changed on the libmd side?)

Regards,
Andreas Henriksson

Reply via email to