#1611 closed defect (duplicate)

Compile error (Werror=incompatible-pointer-types) with LibreSSL 2.8.0

Reported by: ruuda@… Owned by:
Priority: minor Milestone:
Component: other Version: 1.15.x
Keywords: Cc:
uname -a: Linux xps15 4.17.13-arch1-1-ARCH #1 SMP PREEMPT Mon Aug 6 23:06:31 UTC 2018 x86_64 GNU/Linux
nginx -V: Not applicable, but these are my configure flags: --prefix=/nix/store/rhchv84gyqc9gcjzf8aizm2mjqbs8pf9-nginx-1.15.2 --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-threads --with-pcre-jit --add-module=ngx_brotli --group=nogroup --conf-path=/nix/store/av03qkmp7j6wal2ap9dy7dx687cclzlg-nginx.conf --pid-path=/dev/null --error-log-path=stderr --http-client-body-temp-path=/tmp/client_body_temp --http-fastcgi-temp-path=/tmp/fastcgi_temp --http-proxy-temp-path=/tmp/proxy_temp --http-scgi-temp-path=/tmp/scgi_temp --http-uwsgi-temp-path=/tmp/uwsgi_temp


When compiling 1.15.2 with LibreSSL 2.8.0, I get the following warning as error:

src/event/ngx_event_openssl.c: In function 'ngx_ssl_session_cache':
src/event/ngx_event_openssl.c:2340:43: error: passing argument 2 of 'SSL_CTX_sess_set_get_cb' from incompatible pointer type [-Werror=incompatible-pointer-types]
         SSL_CTX_sess_set_get_cb(ssl->ctx, ngx_ssl_get_cached_session);
In file included from src/event/ngx_event_openssl.h:15:0,
                 from src/core/ngx_core.h:83,
                 from src/event/ngx_event_openssl.c:9:
/nix/store/jqkvzab46b6dp64y7lz3m5qd8rk0j1ks-libressl-2.8.0-dev/include/openssl/ssl.h:729:6: note: expected 'SSL_SESSION * (*)(struct ssl_st *, const unsigned char *, int,  int *) {aka struct ssl_session_st * (*)(struct ssl_st *, const unsigned char *, int,  int *)}' but argument is of type 'SSL_SESSION * (*)(SSL *, u_char *, int,  int *) {aka struct ssl_session_st * (*)(struct ssl_st *, unsigned char *, int,  int *)}'
 void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,

With nginx 1.14.0 and LibreSSL 2.8.0 I get the same error.
With nginx 1.14.0 and LibreSSL 2.7.4 I get no error,
and with nginx 1.15.2 and LibreSSL 2.7.4 I get no error either.

As far as I can tell, the difference is that an unsigned char* type is used where LibreSSL now expects a const unsigned char*.

The LibreSSL release notes for 2.8.0 [1] do mention:

Added const annotations to many existing APIs from OpenSSL, making
interoperability easier for downstream applications.

Is this something that could be corrected in nginx? Or is LibreSSL wrong to add the const annotation in this case?

[1]: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.8.0-relnotes.txt

Attachments (1)

nginx-libre.patch (856 bytes) - added by ruuda@… 14 months ago.

Download all attachments as: .zip

Change History (3)

Changed 14 months ago by ruuda@…

comment:1 Changed 14 months ago by ruuda@…

The attached patch resolves the issue for me. I verified that I could compile 1.15.2 with both LibreSSL 2.7.4 and 2.8.0 with this patch.

comment:2 Changed 14 months ago by mdounin

  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #1605.

Note: See TracTickets for help on using tickets.