[Bug 2154880] [NEW] radsecproxy: FTBFS with openssl 4.0

Tue, 02 Jun 2026 04:01:22 -0700 

Public bug reported:

Imported from Debian bug http://bugs.debian.org/1138333:

Package: radsecproxy
Version: 1.11.2-1
Severity: normal
Tags: sid
control: affects -1 src:openssl
User: [email protected]
Usertags: openssl-4.0

OpenSSL 4.0 is in experimental. This package fails to build against it:

| gcc -DPACKAGE_NAME=\"radsecproxy\" -DPACKAGE_TARNAME=\"radsecproxy\" 
-DPACKAGE_VERSION=\"1.11.2\" -DPACKAGE_STRING=\"radsecproxy\ 1.11.2\" 
-DPACKAGE_BUGREPORT=\"https://radsecproxy.github.io\"; -DPACKAGE_URL=\"\" 
-DPACKAGE=\"radsecproxy\" -DVERSION=\"1.11.2\" -DHAVE_MALLOPT=1 
-DHAVE_LIBNETTLE=1 -DHAVE_LIBRESOLV=1 -I.  -DSYSCONFDIR=\"/etc\" -Wdate-time 
-D_FORTIFY_SOURCE=2 -g -Wall -Werror -fno-strict-aliasing -I/usr/include -Wall 
-pedantic -Wno-long-long -pthread -DRADPROT_UDP -DRADPROT_TCP -DRADPROT_TLS 
-DRADPROT_DTLS -g -O2 -Werror=implicit-function-declaration 
-ffile-prefix-map=/build/reproducible-path/radsecproxy-1.11.2=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -c -o tlscommon.o tlscommon.c
| tlscommon.c: In function ‘verify_cb’:
| tlscommon.c:168:35: error: passing argument 1 of ‘print_x509_name’ 
discards ‘const’ qualifier from pointer target type 
[-Werror=discarded-qualifiers]
|   168 |             buf = print_x509_name(X509_get_subject_name(err_cert));
|       |                                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| tlscommon.c:119:41: note: expected ‘X509_NAME *’ {aka ‘struct 
X509_name_st *’} but argument is of type ‘const X509_NAME *’ {aka 
‘const struct X509_name_st *’}
|   119 | static char *print_x509_name(X509_NAME *name) {
|       |                              ~~~~~~~~~~~^~~~
| tlscommon.c:176:39: error: passing argument 1 of ‘print_x509_name’ 
discards ‘const’ qualifier from pointer target type 
[-Werror=discarded-qualifiers]
|   176 |                 buf = print_x509_name(X509_get_issuer_name(err_cert));
|       |                                       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| tlscommon.c:119:41: note: expected ‘X509_NAME *’ {aka ‘struct 
X509_name_st *’} but argument is of type ‘const X509_NAME *’ {aka 
‘const struct X509_name_st *’}
|   119 | static char *print_x509_name(X509_NAME *name) {
|       |                              ~~~~~~~~~~~^~~~
| tlscommon.c: In function ‘certattr_matchcn’:
| tlscommon.c:911:8: error: assignment discards ‘const’ qualifier from 
pointer target type [-Werror=discarded-qualifiers]
|   911 |     nm = X509_get_subject_name(cert);
|       |        ^
| tlscommon.c:918:11: error: assignment discards ‘const’ qualifier from 
pointer target type [-Werror=discarded-qualifiers]
|   918 |         e = X509_NAME_get_entry(nm, loc);
|       |           ^
| tlscommon.c:919:11: error: assignment discards ‘const’ qualifier from 
pointer target type [-Werror=discarded-qualifiers]
|   919 |         t = X509_NAME_ENTRY_get_data(e);
|       |           ^
| tlscommon.c: In function ‘getcertsubject’:
| tlscommon.c:1077:28: error: passing argument 1 of ‘print_x509_name’ 
discards ‘const’ qualifier from pointer target type 
[-Werror=discarded-qualifiers]
|  1077 |     return print_x509_name(X509_get_subject_name(cert));
|       |                            ^~~~~~~~~~~~~~~~~~~~~~~~~~~
| tlscommon.c:119:41: note: expected ‘X509_NAME *’ {aka ‘struct 
X509_name_st *’} but argument is of type ‘const X509_NAME *’ {aka 
‘const struct X509_name_st *’}
|   119 | static char *print_x509_name(X509_NAME *name) {
|       |                              ~~~~~~~~~~~^~~~
| tlscommon.c: In function ‘reverifycert’:
| tlscommon.c:1891:31: error: passing argument 1 of ‘print_x509_name’ 
discards ‘const’ qualifier from pointer target type 
[-Werror=discarded-qualifiers]
|  1891 |         buf = 
print_x509_name(X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)));
|       |                               
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| tlscommon.c:119:41: note: expected ‘X509_NAME *’ {aka ‘struct 
X509_name_st *’} but argument is of type ‘const X509_NAME *’ {aka 
‘const struct X509_name_st *’}
|   119 | static char *print_x509_name(X509_NAME *name) {
|       |                              ~~~~~~~~~~~^~~~
| cc1: all warnings being treated as errors


Full buildlog
        
https://breakpoint.cc/openssl-rebuild/logs-4/attempted/radsecproxy_1.11.2-1_amd64-2026-04-19T07:43:03Z

Sebastian

** Affects: radsecproxy (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: radsecproxy (Debian)
     Importance: Undecided
         Status: New

** Bug watch added: Debian Bug tracker #1138333
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138333

** Changed in: radsecproxy (Debian)
 Remote watch: None => Debian Bug tracker #1138333

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2154880

Title:
  radsecproxy: FTBFS with openssl 4.0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/radsecproxy/+bug/2154880/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to