perl-Crypt-OpenSSL-DSA-0.15-5.fc26 fails to build in F25: gcc -c -D_REENTRANT -D_GNU_SOURCE -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fwrapv -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -g -DVERSION=\"0.15\" -DXS_VERSION=\"0.15\" -fPIC "-I/usr/lib64/perl5/CORE" -DPERL5 DSA.c [...] DSA.xs: In function 'XS_Crypt__OpenSSL__DSA_get_p': DSA.xs:264:28: error: dereferencing pointer to incomplete type 'DSA {aka struct dsa_st}' len = BN_bn2bin(dsa->p, to); ^~ This is caused by upgrading openssl from 1:1.0.2j-1.fc26 to 1:1.1.0b-1.fc26.
I posted a fix to the upstream bug report.
No reply from upstream in two weeks. I will apply it into Fedora.
After applying the fix, perl-Net-DNS-SEC tests fail in: my $dsa = Crypt::OpenSSL::DSA->new(); # private key $dsa->set_p( decode_base64 $private->prime ); $dsa->set_q( decode_base64 $private->subprime ); $dsa->set_g( decode_base64 $private->base ); → $dsa->set_priv_key( decode_base64 $private->private_value ); With message: Could not set a key at lib/Net/DNS/SEC/DSA.pm line 75. signature generation failed at t/10-keyset.t line 112.
The issue is new OpenSSL does support setting a private key before a public key. I added a code that allows it on the XS level.