This bug is used to track the readiness of tboot with OpenSSL 3.0.0. Currently the build fails to build with OpenSSL 3.0.0 with the following logs Task info: https://koji.fedoraproject.org/koji/taskinfo?taskID=78020254 Kindly fix them to ensure this package builds with OpenSSL 3.0.0 You can treat the deprecated warnings not as errors if you want to continue to use deprecated functions, but it is encouraged to use the new APIs, and this migration could be done sooner than later. To not treat deprecated warnings as errors, you may use -Wno-error=deprecated-declarations To port to new APIs, kindly refer to the OpenSSL upstream migration guide: https://www.openssl.org/docs/manmaster/man7/migration_guide.html Thank you
Tboot build still fails with OpenSSL 3.0 on Fedora rawhide: https://kojipkgs.fedoraproject.org//work/tasks/4213/79454213/build.log With attached fix patch(from Lukasz), most build errors are fixed, but there're still some errors remain: https://kojipkgs.fedoraproject.org//work/tasks/4889/79454889/build.log Remaining errors from log: lcputils.c: In function 'verify_ec_signature': lcputils.c:1007:17: error: 'curveName' may be used uninitialized [-Werror=maybe-uninitialized] 1007 | OPENSSL_free((void *) curveName); | ^ lcputils.c:794:21: note: 'curveName' was declared here 794 | const char *curveName; | ^ lcputils.c: In function 'verify_ec_signature': lcputils.c:1007:17: error: 'curveName' may be used uninitialized [-Werror=maybe-uninitialized] 1007 | OPENSSL_free((void *) curveName); | ^ lcputils.c:794:21: note: 'curveName' was declared here 794 | const char *curveName; | ^ lto1: all warnings being treated as errors + tboot upstream owner Pawel. @Pawel, please check if more fixes needed in upstream code. Thanks.
Created attachment 1844283 [details] tboot openssl3 support patch
New tboot release 1.10.3 has added adaptions for OpenSSL 3.0. Fedora tboot package has been updated to 1.10.3 for rawhide and build works fine: https://koji.fedoraproject.org/koji/buildinfo?buildID=1869766
This bug appears to have been reported against 'rawhide' during the Fedora 36 development cycle. Changing version to 36.
The following builds were made after this report was opened: tboot-1.10.4-2.fc37 tboot-1.10.5-1.fc37