Bug 1383651

Summary: perl-Crypt-OpenSSL-DSA-0.15-5.fc26 FTBFS: dereferencing pointer to incomplete type 'DSA {aka struct dsa_st}'
Product: [Fedora] Fedora Reporter: Petr Pisar <ppisar>
Component: perl-Crypt-OpenSSL-DSAAssignee: Petr Pisar <ppisar>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: perl-devel, wjhns174
Target Milestone: ---Keywords: Patch, Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: perl-Crypt-OpenSSL-DSA-0.15-7.fc26 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-01 08:49:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1383740    

Description Petr Pisar 2016-10-11 11:21:17 UTC 
perl-Crypt-OpenSSL-DSA-0.15-5.fc26 fails to build in F25:

gcc -c   -D_REENTRANT -D_GNU_SOURCE -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fwrapv -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -g   -DVERSION=\"0.15\" -DXS_VERSION=\"0.15\" -fPIC "-I/usr/lib64/perl5/CORE"  -DPERL5 DSA.c
[...]
DSA.xs: In function 'XS_Crypt__OpenSSL__DSA_get_p':
DSA.xs:264:28: error: dereferencing pointer to incomplete type 'DSA {aka struct dsa_st}'
         len = BN_bn2bin(dsa->p, to);
                            ^~

This is caused by upgrading openssl from 1:1.0.2j-1.fc26 to 1:1.1.0b-1.fc26.
Comment 1 Petr Pisar 2016-10-14 11:14:40 UTC 
I posted a fix to the upstream bug report.
Comment 2 Petr Pisar 2016-10-27 08:25:21 UTC 
No reply from upstream in two weeks. I will apply it into Fedora.
Comment 3 Petr Pisar 2016-11-01 07:27:15 UTC 
After applying the fix, perl-Net-DNS-SEC tests fail in:

    my $dsa = Crypt::OpenSSL::DSA->new();           # private key

    $dsa->set_p( decode_base64 $private->prime );
    $dsa->set_q( decode_base64 $private->subprime );
    $dsa->set_g( decode_base64 $private->base );

→   $dsa->set_priv_key( decode_base64 $private->private_value );

With message:

Could not set a key at lib/Net/DNS/SEC/DSA.pm line 75.
signature generation failed at t/10-keyset.t line 112.
Comment 4 Petr Pisar 2016-11-01 08:49:32 UTC 
The issue is new OpenSSL does support setting a private key before a public key. I added a code that allows it on the XS level.