Can't compile on arch linux
Gigas002 opened this issue · 15 comments
libs/ssl/ssl.c: In function ‘ssl_cert_get_altnames’:
libs/ssl/ssl.c:463:16: error: ‘mbedtls_x509_crt’ has no member named ‘ext_types’
463 | if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
| ^~
libs/ssl/ssl.c: In function ‘ssl_key_from_der’:
libs/ssl/ssl.c:596:21: error: too few arguments to function ‘mbedtls_pk_parse_key’
596 | r = mbedtls_pk_parse_key(pk, (const unsigned char*)data, len, NULL, 0);
| ^~~~~~~~~~~~~~~~~~~~
In file included from libs/ssl/ssl.c:30:
/usr/include/mbedtls/pk.h:830:5: note: declared here
830 | int mbedtls_pk_parse_key(mbedtls_pk_context *ctx,
| ^~~~~~~~~~~~~~~~~~~~
libs/ssl/ssl.c: In function ‘ssl_key_from_pem’:
libs/ssl/ssl.c:622:21: error: too few arguments to function ‘mbedtls_pk_parse_key’
622 | r = mbedtls_pk_parse_key(pk, buf, len, NULL, 0);
| ^~~~~~~~~~~~~~~~~~~~
/usr/include/mbedtls/pk.h:830:5: note: declared here
830 | int mbedtls_pk_parse_key(mbedtls_pk_context *ctx,
| ^~~~~~~~~~~~~~~~~~~~
libs/ssl/ssl.c:624:21: error: too few arguments to function ‘mbedtls_pk_parse_key’
624 | r = mbedtls_pk_parse_key(pk, buf, len, (const unsigned char*)pass, strlen((char*)pass));
| ^~~~~~~~~~~~~~~~~~~~
/usr/include/mbedtls/pk.h:830:5: note: declared here
830 | int mbedtls_pk_parse_key(mbedtls_pk_context *ctx,
| ^~~~~~~~~~~~~~~~~~~~
libs/ssl/ssl.c: In function ‘ssl_dgst_sign’:
libs/ssl/ssl.c:681:96: warning: passing argument 6 of ‘mbedtls_pk_sign’ makes integer from pointer without a cast [-Wint-conversion]
681 | if ((r = mbedtls_pk_sign(key->k, mbedtls_md_get_type(md), hash, 0, out, (size ? &ssize : NULL), mbedtls_ctr_drbg_random, &ctr_drbg)) != 0){
| ~~~~~~~~~~~~~~~^~~~~~~
| |
| size_t * {aka long unsigned int *}
/usr/include/mbedtls/pk.h:576:48: note: expected ‘size_t’ {aka ‘long unsigned int’} but argument is of type ‘size_t *’ {aka ‘long unsigned int *’}
576 | unsigned char *sig, size_t sig_size, size_t *sig_len,
| ~~~~~~~^~~~~~~~
libs/ssl/ssl.c:681:105: warning: passing argument 7 of ‘mbedtls_pk_sign’ from incompatible pointer type [-Wincompatible-pointer-types]
681 | if ((r = mbedtls_pk_sign(key->k, mbedtls_md_get_type(md), hash, 0, out, (size ? &ssize : NULL), mbedtls_ctr_drbg_random, &ctr_drbg)) != 0){
| ^~~~~~~~~~~~~~~~~~~~~~~
| |
| int (*)(void *, unsigned char *, size_t) {aka int (*)(void *, unsigned char *, long unsigned int)}
/usr/include/mbedtls/pk.h:576:66: note: expected ‘size_t *’ {aka ‘long unsigned int *’} but argument is of type ‘int (*)(void *, unsigned char *, size_t)’ {aka ‘int (*)(void *, unsigned char *, long unsigned int)’}
576 | unsigned char *sig, size_t sig_size, size_t *sig_len,
| ~~~~~~~~^~~~~~~
libs/ssl/ssl.c:681:130: warning: passing argument 8 of ‘mbedtls_pk_sign’ from incompatible pointer type [-Wincompatible-pointer-types]
681 | if ((r = mbedtls_pk_sign(key->k, mbedtls_md_get_type(md), hash, 0, out, (size ? &ssize : NULL), mbedtls_ctr_drbg_random, &ctr_drbg)) != 0){
| ^~~~~~~~~
| |
| mbedtls_ctr_drbg_context *
/usr/include/mbedtls/pk.h:577:27: note: expected ‘int (*)(void *, unsigned char *, size_t)’ {aka ‘int (*)(void *, unsigned char *, long unsigned int)’} but argument is of type ‘mbedtls_ctr_drbg_context *’
577 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
| ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
libs/ssl/ssl.c:681:18: error: too few arguments to function ‘mbedtls_pk_sign’
681 | if ((r = mbedtls_pk_sign(key->k, mbedtls_md_get_type(md), hash, 0, out, (size ? &ssize : NULL), mbedtls_ctr_drbg_random, &ctr_drbg)) != 0){
| ^~~~~~~~~~~~~~~
/usr/include/mbedtls/pk.h:574:5: note: declared here
574 | int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
| ^~~~~~~~~~~~~~~
make: *** [Makefile:257: libs/ssl/ssl.o] Error 1
make: *** Waiting for unfinished jobs....
==> ERROR: A failure occurred in build().
Aborting...
-> error making: hashlink-git-exit status 4
-> Failed to install the following packages. Manual intervention is required:
hashlink-git - exit status 4
same
idk seems like it's not compatible with arch's extra/mbedtls 3.4.0-3 package
File x509_crt.h
Bubuntu package in sid:
int ext_types; /**< Bit string containing detected and parsed extensions */
int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */
mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */Rach linuhh:
int MBEDTLS_PRIVATE(ext_types); /**< Bit string containing detected and parsed extensions */
int MBEDTLS_PRIVATE(ca_istrue); /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
int MBEDTLS_PRIVATE(max_pathlen); /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
unsigned int MBEDTLS_PRIVATE(key_usage); /**< Optional key usage extension value: See the values in x509.h */
mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
unsigned char MBEDTLS_PRIVATE(ns_cert_type); /**< Optional Netscape certificate type extension value: See the values in x509.h */See? MBEDTLS_PRIVATE!!!!!!!
Oh, I see
Mbed-TLS/mbedtls#4372
Conclusion: hashlink fix your thing that breaks encapsulation
😜
Аниме на аве мать в канаве
Maintainer of the hashlink AUR package here.
Just an fyi, I won't be removing mbedtls as a dependency as it still can't compile under that condition due to:
https://github.com/HaxeFoundation/hashlink/blob/1.13/libs/CMakeLists.txt#L43-L48
And if I do remove it from the list:
libs/ssl/ssl.c:25:10: fatal error: mbedtls/platform.h: No such file or directory
25 | #include "mbedtls/platform.h"
And assuming I somehow address that, doesn't change the fact that the included mbedtls isn't built under linux, leading to it still being broken.
I'm sure there is some fiddling to be had here, in particular convincing hashlink to build a version of its mbedtls under linux, but I'm not about to fight with patches to make that work as is.
hashlink-git also suffers from the exact same problem so it still exists even in HEAD.
The simplest solution for the AUR package would be to depend on the mbedtls2 package instead and fiddle with the compiler flags:
diff --git a/Makefile b/Makefile
index 52c46e3..1763c8a 100644
--- a/Makefile
+++ b/Makefile
@@ -110,9 +110,11 @@ LIB += ${HL_DEBUG}
else
# Linux
-CFLAGS += -m$(MARCH) -fPIC -pthread -fno-omit-frame-pointer
+CFLAGS += -m$(MARCH) -fPIC -pthread -fno-omit-frame-pointer -I /usr/include/mbedtls2
LFLAGS += -lm -Wl,-rpath,.:'$$ORIGIN':$(INSTALL_LIB_DIR) -Wl,--export-dynamic -Wl,--no-undefined
+LIBFLAGS+=-L/usr/lib/mbedtls2
+
ifeq ($(MARCH),32)
CFLAGS += -I /usr/include/i386-linux-gnu
LIBFLAGS += -L/opt/libjpeg-turbo/libGood news to all, Makefile has been patched, thanks @Apprentice-Alchemist https://aur.archlinux.org/packages/hashlink
Hey, just a quick comment, that the AUR patch above does not work for CMake scenario. I use CMake to build Hashlink across platforms. The reason is CMake depends on its find_package statement for building, and the system-wise Cmake uses configuration file from package mbedtls v3.4.1, which sets /usr/lib/cmake/MbedTLS/MbedTLSConfigVersion.cmake to 3.4.1. I won't ask for an upgrade to mbedtls 3.x because I know some systems like ubuntu is still on 2.28.x.
I work-arounded it by disabling SSL (build command: cmake .. -DWITH_SSL=off). It works for me because I don't use SSL at all, but not a true fix.
So my question is: is it possible we just always use the checked-in source code under include/mbedtls/ folder for all platforms? This can completely remove the external dependency, which benefits when we compile hashlink that portable across Linux builds (a typical scenario is to build a Hashlink for Steam runtime), which may be a good idea.
Or, is there any reason that we prefer system provided over checked-in dependencies?
// See libs/ssl/CMakeList.txt
if (WIN32)
...
else()
find_package(MbedTLS REQUIRED) // Here it goes to /usr/lib/cmake/MbedTLS/MbedTLSConfigVersion.cmake
add_library(ssl.hdll SHARED
ssl.c)
endif
Using the checked in deps would indeed fix this issue, but I would only recommend that if the checked in version of mbedtls was up to date (at the moment its 5 years out of date).
There is a PR to update it, but it hasn't been merged yet: #594
Thanks. Yes, it makes sense we should update the code first. Will wait for the PR.