You are viewing a plain text version of this content. The canonical link for it is here.
Posted to github@trafficserver.apache.org by GitBox <gi...@apache.org> on 2022/06/14 15:58:15 UTC

[GitHub] [trafficserver] bneradt commented on pull request #8909: Move HKDF and HMACs to OpenSSL 3 interfaces

bneradt commented on PR #8909:
URL: https://github.com/apache/trafficserver/pull/8909#issuecomment-1155394181

   In case it's helpful, here's the Fedora build results:
   https://ci.trafficserver.apache.org/job/Github_Builds/job/fedora/1053/console
   
   ```
   QUICTLS.cc: In member function 'void QUICTLS::update_key_materials_for_read(QUICEncryptionLevel, const uint8_t*, size_t)':
   QUICTLS.cc:264:46: error: no matching function for call to 'QUICHKDF::QUICHKDF(const EVP_MD*)'
     264 |   QUICHKDF hkdf(this->_get_handshake_digest());
         |                                              ^
   In file included from QUICKeyGenerator.h:27,
                    from QUICHandshakeProtocol.h:26,
                    from QUICTLS.h:37,
                    from QUICTLS.cc:24:
   QUICHKDF.h:31:3: note: candidate: 'QUICHKDF::QUICHKDF(const char*)'
      31 |   QUICHKDF(const char *digest) : HKDF(digest) {}
         |   ^~~~~~~~
   QUICHKDF.h:31:24: note:   no known conversion for argument 1 from 'const EVP_MD*' {aka 'const evp_md_st*'} to 'const char*'
      31 |   QUICHKDF(const char *digest) : HKDF(digest) {}
         |            ~~~~~~~~~~~~^~~~~~
   QUICHKDF.h:28:7: note: candidate: 'constexpr QUICHKDF::QUICHKDF(const QUICHKDF&)'
      28 | class QUICHKDF : public HKDF
         |       ^~~~~~~~
   QUICHKDF.h:28:7: note:   no known conversion for argument 1 from 'const EVP_MD*' {aka 'const evp_md_st*'} to 'const QUICHKDF&'
   QUICHKDF.h:28:7: note: candidate: 'constexpr QUICHKDF::QUICHKDF(QUICHKDF&&)'
   QUICHKDF.h:28:7: note:   no known conversion for argument 1 from 'const EVP_MD*' {aka 'const evp_md_st*'} to 'QUICHKDF&&'
   QUICTLS.cc: In member function 'void QUICTLS::update_key_materials_for_write(QUICEncryptionLevel, const uint8_t*, size_t)':
   QUICTLS.cc:322:46: error: no matching function for call to 'QUICHKDF::QUICHKDF(const EVP_MD*)'
     322 |   QUICHKDF hkdf(this->_get_handshake_digest());
         |                                              ^
   QUICHKDF.h:31:3: note: candidate: 'QUICHKDF::QUICHKDF(const char*)'
      31 |   QUICHKDF(const char *digest) : HKDF(digest) {}
         |   ^~~~~~~~
   QUICHKDF.h:31:24: note:   no known conversion for argument 1 from 'const EVP_MD*' {aka 'const evp_md_st*'} to 'const char*'
      31 |   QUICHKDF(const char *digest) : HKDF(digest) {}
         |            ~~~~~~~~~~~~^~~~~~
   QUICHKDF.h:28:7: note: candidate: 'constexpr QUICHKDF::QUICHKDF(const QUICHKDF&)'
      28 | class QUICHKDF : public HKDF
         |       ^~~~~~~~
   QUICHKDF.h:28:7: note:   no known conversion for argument 1 from 'const EVP_MD*' {aka 'const evp_md_st*'} to 'const QUICHKDF&'
   QUICHKDF.h:28:7: note: candidate: 'constexpr QUICHKDF::QUICHKDF(QUICHKDF&&)'
   QUICHKDF.h:28:7: note:   no known conversion for argument 1 from 'const EVP_MD*' {aka 'const evp_md_st*'} to 'QUICHKDF&&'
   make[3]: *** [Makefile:1903: QUICTLS.o] Error 1
   make[3]: *** Waiting for unfinished jobs....
   QUICKeyGenerator.cc: In member function 'void QUICKeyGenerator::generate(QUICVersion, uint8_t*, uint8_t*, uint8_t*, size_t*, QUICConnectionId)':
   QUICKeyGenerator.cc:60:90: error: cannot convert 'const char*' to 'const EVP_MD*' {aka 'const evp_md_st*'}
      60 |                                    LABEL_FOR_CLIENT_INITIAL_SECRET.length(), EVP_MD_size(md));
         |                                                                                          ^~
         |                                                                                          |
         |                                                                                          const char*
   In file included from QUICKeyGenerator.h:25,
                    from QUICKeyGenerator.cc:24:
   /opt/openssl-quic/include/openssl/evp.h:447:31: note:   initializing argument 1 of 'int EVP_MD_size(const EVP_MD*)'
     447 | int EVP_MD_size(const EVP_MD *md);
         |                 ~~~~~~~~~~~~~~^~
   QUICKeyGenerator.cc:70:90: error: cannot convert 'const char*' to 'const EVP_MD*' {aka 'const evp_md_st*'}
      70 |                                    LABEL_FOR_SERVER_INITIAL_SECRET.length(), EVP_MD_size(md));
         |                                                                                          ^~
         |                                                                                          |
         |                                                                                          const char*
   /opt/openssl-quic/include/openssl/evp.h:447:31: note:   initializing argument 1 of 'int EVP_MD_size(const EVP_MD*)'
     447 | int EVP_MD_size(const EVP_MD *md);
         |                 ~~~~~~~~~~~~~~^~
   make[3]: *** [Makefile:1903: QUICKeyGenerator.o] Error 1
   make[3]: Leaving directory '/home/jenkins/workspace/Github_Builds/fedora/src/iocore/net/quic'
   make[2]: *** [Makefile:1350: all-recursive] Error 1
   make[2]: Leaving directory '/home/jenkins/workspace/Github_Builds/fedora/src/iocore/net'
   make[1]: *** [Makefile:607: all-recursive] Error 1
   make[1]: Leaving directory '/home/jenkins/workspace/Github_Builds/fedora/src/iocore'
   make: *** [Makefile:883: all-recursive] Error 1
   ```
   
   The Rocky (our CentOS replacement for CI) seems to be failing for the same reason:
   https://ci.trafficserver.apache.org/job/Github_Builds/job/rocky/439/console


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org