Package: opensc
Version: 0.22.0-1
Severity: serious
Tags: patch experimental
Justification: ftbfs
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu jammy ubuntu-patch
Hi Eric,
In Ubuntu, opensc is failing to build from source for two different reasons.
First, the compiler is detecting a possibly-uninitialized variable:
[...]
gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src
-D'DEFAULT_PKCS11_PROVIDER="/usr/lib/x86_64-linux-gnu/opensc-pkcs11.so"'
-D'DEFAULT_ONEPIN_PKCS11_PROVIDER="/usr/lib/x86_64-linux-gnu/onepin-opensc-pkcs11.so"'
-Wdate-time -D_FORTIFY_SOURCE=2 -pthread -Wall -Wextra -Wno-unused-parameter
-Werror -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -flto=auto
-ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -c
-o opensc-explorer.o opensc-explorer.c
opensc-explorer.c: In function 'do_apdu.part.0':
opensc-explorer.c:2028:13: error: 'buf' may be used uninitialized
[-Werror=maybe-uninitialized]
2028 | r = sc_bytes2apdu(card->ctx, buf, len, &apdu);
| ^
../../src/libopensc/opensc.h:911:5: note: by argument 2 of type 'const u8 *' to
'sc_bytes2apdu' declared here
911 | int sc_bytes2apdu(sc_context_t *ctx, const u8 *buf, size_t len,
sc_apdu_t *apdu);
| ^
opensc-explorer.c:2009:12: note: 'buf' declared here
2009 | u8 buf[SC_MAX_EXT_APDU_BUFFER_SIZE];
| ^
[...]
(https://launchpad.net/ubuntu/+archive/test-rebuild-20210927-impish/+build/22185047)
And second, it fails to build with openssl 3, which is now the current
version in Ubuntu, due to use of deprecated functions:
[...]
libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../..
-DSC_PKCS15_PROFILE_DIRECTORY=\"/usr/share/opensc\" -I../../src -Wdate-time
-D_FORTIFY_SOURCE=2 -Wall -Wextra -Wno-unused-parameter -Werror
-Wstrict-aliasing=2 -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -flto=auto
-ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -c
pkcs15-westcos.c -fPIC -DPIC -o .libs/pkcs15-westcos.o
pkcs15-westcos.c: In function ‘westcos_pkcs15init_generate_key’:
pkcs15-westcos.c:230:9: error: ‘RSA_new’ is deprecated: Since OpenSSL 3.0
[-Werror=deprecated-declarations]
230 | rsa = RSA_new();
| ^~~
In file included from pkcs15-westcos.c:30:
/usr/include/openssl/rsa.h:201:28: note: declared here
201 | OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
| ^~~~~~~
pkcs15-westcos.c:241:17: error: ‘RSA_generate_key_ex’ is deprecated: Since
OpenSSL 3.0 [-Werror=deprecated-declarations]
241 | !RSA_generate_key_ex(rsa, key_info->modulus_length, bn,
NULL))
| ^
In file included from pkcs15-westcos.c:30:
/usr/include/openssl/rsa.h:260:27: note: declared here
260 | OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits,
BIGNUM *e,
| ^~~~~~~~~~~~~~~~~~~
pkcs15-westcos.c:247:9: error: ‘RSA_set_method’ is deprecated: Since OpenSSL
3.0 [-Werror=deprecated-declarations]
247 | RSA_set_method(rsa, RSA_PKCS1_OpenSSL());
| ^~~~~~~~~~~~~~
[...]
(https://launchpad.net/ubuntu/+source/opensc/0.22.0-1/+build/22599087)
I don't know why the first issue doesn't appear to affect Debian unstable,
which is using the same version of gcc. The latter issue will affect the
next Debian release, where openssl 3 is also expected to be the default; for
the moment, openssl 3 is only in experimental.
I've worked around the build failures in Ubuntu by simply not treating these
two classes of warnings as fatal; please see the attached patch. You (or
upstream) may prefer to address the issues in the code that trigger the
warnings.
Thanks for considering,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru opensc-0.22.0/debian/rules opensc-0.22.0/debian/rules
--- opensc-0.22.0/debian/rules 2021-08-16 21:48:15.000000000 -0700
+++ opensc-0.22.0/debian/rules 2021-12-08 12:41:56.000000000 -0800
@@ -1,5 +1,8 @@
#!/usr/bin/make -f
+export DEB_CFLAGS_MAINT_APPEND = -Wno-error=deprecated-declarations \
+ -Wno-error=maybe-uninitialized
+
%:
dh $@
