Bug 1221714

Summary: GCC 14: fipscheck package fails
Product: [openSUSE] openSUSE Tumbleweed Reporter: Michal Jireš <michal.jires>
Component: SecurityAssignee: Security Team bot <security-team>
Status: NEW --- QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: meissner, mjambor
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1220571    

Description Michal Jireš 2024-03-19 13:25:42 UTC 
Building fipscheck with GCC 14 fails here:
https://build.opensuse.org/package/live_build_log/openSUSE:Factory:Staging:Gcc7/fipscheck/standard/x86_64

Due to (exhaustive list of errors):

filehmac.c: In function ‘compute_file_hmac’:
filehmac.c:219:24: error: implicit declaration of function ‘OSSL_PROVIDER_load’ [-Wimplicit-function-declaration]
  219 |                 fips = OSSL_PROVIDER_load(NULL, "fips");
      |                        ^~~~~~~~~~~~~~~~~~
filehmac.c:219:22: error: assignment to ‘OSSL_PROVIDER *’ {aka ‘struct ossl_provider_st *’} from ‘int’ makes pointer from integer without a cast [-Wint-conversion]
  219 |                 fips = OSSL_PROVIDER_load(NULL, "fips");
      |                      ^
filehmac.c:265:32: error: passing argument 3 of ‘EVP_MAC_final’ from incompatible pointer type [-Wincompatible-pointer-types]
  265 |         EVP_MAC_final(c, rbuf, &hlen, sizeof(rbuf));
      |                                ^~~~~
      |                                |
      |                                unsigned int *
/usr/include/openssl/evp.h:1228:47: note: expected ‘size_t *’ {aka ‘long unsigned int *’} but argument is of type ‘unsigned int *’
 1228 |                   unsigned char *out, size_t *outl, size_t outsize);
      |                                       ~~~~~~~~^~~~


See the meta bug#1220571 for more info.
Comment 1 Martin Jambor 2024-07-08 15:41:05 UTC 
I have submitted https://build.opensuse.org/request/show/1186220 which contains upstream patches addressing this issue (and perhaps more).