Openssl 3.0.0
Dominik 'Rathann' Mierzejewski
dominik at greysector.net
Wed Sep 29 09:26:29 UTC 2021
Hello!
On Tuesday, 07 September 2021 at 15:31, The Doctor wrote:
> Openssl 3 is out. Julien I believe you said
> we should be good to go.
When building against OpenSSL 3.0.0 on Fedora rawhide, I can see four
deprecation warnings when compiling tls.c:
gcc -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fPIE -fstack-protector-strong -I../include -c tls.c
tls.c: In function 'load_dh_buffer':
tls.c:167:9: warning: 'PEM_read_bio_DHparams' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
167 | dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
| ^~
In file included from tls.h:25,
from tls.c:20:
/usr/include/openssl/pem.h:469:1: note: declared here
469 | DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DHparams, DH)
| ^~~~~~~~~~~~~~~~~~~
tls.c: In function 'eckey_from_name':
tls.c:473:5: warning: 'EC_KEY_new_by_curve_name' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
473 | eckey = EC_KEY_new_by_curve_name(builtin_curves[i].nid);
| ^~~~~
In file included from /usr/include/openssl/x509.h:33,
from /usr/include/openssl/pem.h:23,
from tls.h:25,
from tls.c:20:
/usr/include/openssl/ec.h:996:31: note: declared here
996 | OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_by_curve_name(int nid);
| ^~~~~~~~~~~~~~~~~~~~~~~~
tls.c: In function 'tls_init_serverengine':
tls.c:571:5: warning: 'SSL_CTX_set_tmp_dh_callback' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
571 | SSL_CTX_set_tmp_dh_callback(CTX, tmp_dh_cb);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from tls.h:28,
from tls.c:20:
/usr/include/openssl/ssl.h:2218:6: note: declared here
2218 | void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
tls.c: In function 'tls_start_servertls':
tls.c:852:9: warning: 'BIO_set_callback' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
852 | BIO_set_callback(SSL_get_rbio(tls_conn), bio_dump_cb);
| ^~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/lhash.h:26,
from tls.h:21,
from tls.c:20:
/usr/include/openssl/bio.h:277:28: note: declared here
277 | OSSL_DEPRECATEDIN_3_0 void BIO_set_callback(BIO *b, BIO_callback_fn callback);
| ^~~~~~~~~~~~~~~~
Regards,
Dominik
--
Fedora https://getfedora.org | RPM Fusion http://rpmfusion.org
There should be a science of discontent. People need hard times and
oppression to develop psychic muscles.
-- from "Collected Sayings of Muad'Dib" by the Princess Irulan
More information about the inn-workers
mailing list