poco icon indicating copy to clipboard operation
poco copied to clipboard
verified publisher icon pocoproject

Poco 1.12.x compile error on systems with OpenSSL 1.0.0 (drop support for old OpenSSL)

Open gyee-penguin opened this issue 3 years ago • 9 comments

Describe the bug I get a compile error for Poco 1.12.0 and 1.12.2 on CentOS 7 (with GCC 10) or Ubuntu 16 (both have OpenSSL 1.0.0) in the Crypto component. Compilation works for 1.11.1, 1.11.2, and 1.11.3.

To Reproduce CentOS 7, Use devtoolset-10, Download Poco 1.12.2 source. Compile.

Expected behavior I didn't see anything in the change log to suggest that OpenSSL 1.0.0 support had been dropped for Poco 1.12.x or that OpenSSL 1.1.1 is required. I thought it would build.

Logs

/opt/rh/devtoolset-10/root/usr/bin/g++  -DPOCO_ENABLE_CPP11 -DPOCO_ENABLE_CPP14 -DPOCO_HAVE_FD_EPOLL -DPOCO_OS_FAMILY_UNIX -DPOCO_STATIC -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE -D_REENTRANT -D_THREAD_SAFE -D_XOPEN_SOURCE=500 -I/home/builder/src/poco_container/poco/Crypto/include -I/home/builder/src/poco_container/poco/Crypto/src -I/home/builder/src/poco_container/poco/Foundation/include -O2 -g -DNDEBUG   -std=gnu++14 -MD -MT Crypto/CMakeFiles/Crypto.dir/src/Envelope.cpp.o -MF Crypto/CMakeFiles/Crypto.dir/src/Envelope.cpp.o.d -o Crypto/CMakeFiles/Crypto.dir/src/Envelope.cpp.o -c /home/builder/src/poco_container/poco/Crypto/src/Envelope.cpp
/home/builder/src/poco_container/poco/Crypto/src/Envelope.cpp: In constructor 'Poco::Crypto::Envelope::Envelope(int)':
/home/builder/src/poco_container/poco/Crypto/src/Envelope.cpp:27:8: error: invalid operands of types 'int' and 'void' to binary 'operator!='
   27 |  if (1 != EVP_CIPHER_CTX_init(_pCtx))
      |      ~ ^~ ~~~~~~~~~~~~~~~~~~~~~~~~~~
      |      |                       |
      |      int                     void

/home/builder/src/poco_container/poco/Crypto/src/EVPCipherImpl.cpp: In constructor 'Poco::Crypto::{anonymous}::EVPEncryptImpl::EVP
EncryptImpl(const EVP_PKEY*)':
/home/builder/src/poco_container/poco/Crypto/src/EVPCipherImpl.cpp:87:31: error: invalid conversion from 'const EVP_PKEY*' {aka 'c
onst evp_pkey_st*'} to 'EVP_PKEY*' {aka 'evp_pkey_st*'} [-fpermissive]
   87 |    _blockSize = EVP_PKEY_size(_pEVP);
      |                               ^~~~~
      |                               |
      |                               const EVP_PKEY* {aka const evp_pkey_st*}
In file included from /home/builder/src/poco_container/poco/Crypto/include/Poco/Crypto/EV
PPKey.h:28,
                 from /home/builder/src/poco_container/poco/Crypto/include/Poco/Crypto/EVPCipherImpl.h:23,
                 from /home/builder/src/poco_container/poco/Crypto/src/EVPCipherImpl.cpp:15:
/usr/include/openssl/evp.h:959:29: note:   initializing argument 1 of 'int EVP_PKEY_size(EVP_PKEY*)'
  959 | int EVP_PKEY_size(EVP_PKEY *pkey);
      |                   ~~~~~~~~~~^~~~
/home/builder/src/poco_container/poco/Crypto/src/EVPCipherImpl.cpp: In constructor 'Poco::Crypto::{anonymous}::EVPDecryptImpl::EVPDecryptImpl(const EVP_PKEY*)':
/home/builder/src/poco_container/poco/Crypto/src/EVPCipherImpl.cpp:200:31: error: invalid conversion from 'const EVP_PKEY*' {aka 'const evp_pkey_st*'} to 'EVP_PKEY*' {aka 'evp_pkey_st*'} [-fpermissive]
  200 |    _blockSize = EVP_PKEY_size(_pEVP);
      |                               ^~~~~
      |                               |
      |                               const EVP_PKEY* {aka const evp_pkey_st*}
In file included from /home/builder/src/poco_container/poco/Crypto/include/Poco/Crypto/EVPPKey.h:28,
                 from /home/builder/src/poco_container/poco/Crypto/include/Poco/Crypto/EVPCipherImpl.h:23,
                 from /home/builder/src/poco_container/poco/Crypto/src/EVPCipherImpl.cpp:15:
/usr/include/openssl/evp.h:959:29: note:   initializing argument 1 of 'int EVP_PKEY_size(EVP_PKEY*)'
  959 | int EVP_PKEY_size(EVP_PKEY *pkey);
      |                   ~~~~~~~~~~^~~~

Screenshots NA

Please add relevant environment information:

  • CentOS 7
  • POCO Version 1.12.2
  • OpenSSL 1.0.2k-fips

Additional context NA

EDIT: Drop support for old OpenSSL

gyee-penguin avatar Aug 10 '22 17:08 gyee-penguin

It wasn't intentional, the >10 year span between 1.0 and 3.0 is stretching us thin; if you want to send a devel branch pull to fix it, I'll merge it for 1.12.3 after all the CI passes.

aleks-f avatar Aug 10 '22 19:08 aleks-f

Sounds good. I'm not sure if I can do this right now, but I may be able to later. Thank you @aleks-f

gyee-penguin avatar Aug 11 '22 14:08 gyee-penguin

Hello @aleks-f, we finally found some time to look into this and we have submitted a PR that should allow this to compile https://github.com/pocoproject/poco/pull/3909

gyee-penguin avatar Jan 03 '23 18:01 gyee-penguin

I don't think our patch is the cause of the checks failing. I believe the devel branch was failing checks before we rebased our patch top of it, which is why it's failing now.

gyee-penguin avatar Jan 11 '23 22:01 gyee-penguin

Hello @aleks-f @obiltschnig ,

Do either of you know roughly when Poco 1.12.5 is expected to be released and whether our patch for this issue will be part of it?

Thanks!

gyee-penguin avatar Feb 21 '23 17:02 gyee-penguin

This issue is stale because it has been open for 365 days with no activity.

github-actions[bot] avatar Feb 22 '24 02:02 github-actions[bot]

Envelope.cpp was changed in 1.13. Does it compile with OpenSSL 1.0?

OTOH, shall OpenSSL 1.0 still be supported? Even 1.1 reached EOL.

matejk avatar Feb 23 '24 09:02 matejk

I think we should drop support for OpenSSL < 1.1.1. And any new features we might add should be OpenSSL 3 only.

obiltschnig avatar Feb 23 '24 10:02 obiltschnig