用NTPv4编译ARM的OpenSSL错误

Question

该错误遵循"ntp_crypto.c:2248:2: error:未知类型名称'DSA_SIG'；您的意思是‘ECDSA_SIG’吗？“

make失败的输出如下：

tp_crypto.c: In function 'crypto_alice':

ntp_crypto.c:2188:13: warning: implicit declaration of function 'EVP_PKEY_get0_DSA'; did you mean 'EVP_PKEY_get0_RSA'? [-Wimplicit-function-declaration]

  if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {

             ^~~~~~~~~~~~~~~~~

             EVP_PKEY_get0_RSA

ntp_crypto.c:2188:11: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {

           ^

ntp_crypto.c:2199:2: warning: implicit declaration of function 'DSA_get0_pqg'; did you mean 'DH_get0_pqg'? [-Wimplicit-function-declaration]

  DSA_get0_pqg(dsa, NULL, &q, NULL);

  ^~~~~~~~~~~~

  DH_get0_pqg

ntp_crypto.c: In function 'crypto_bob':

ntp_crypto.c:2248:2: error: unknown type name 'DSA_SIG'; did you mean 'ECDSA_SIG'?

  DSA_SIG *sdsa;  /* DSA signature context fake */

  ^~~~~~~

  ECDSA_SIG

ntp_crypto.c:2266:6: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  dsa = EVP_PKEY_get0_DSA(iffkey_info->pkey);

      ^

ntp_crypto.c:2268:2: warning: implicit declaration of function 'DSA_get0_key'; did you mean 'RSA_get0_key'? [-Wimplicit-function-declaration]

  DSA_get0_key(dsa, NULL, &priv_key);

  ^~~~~~~~~~~~

  RSA_get0_key

ntp_crypto.c:2287:9: warning: implicit declaration of function 'DSA_SIG_new'; did you mean 'ECDSA_SIG_new'? [-Wimplicit-function-declaration]

  sdsa = DSA_SIG_new();

         ^~~~~~~~~~~

         ECDSA_SIG_new

ntp_crypto.c:2287:7: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  sdsa = DSA_SIG_new();

       ^

ntp_crypto.c:2294:2: warning: implicit declaration of function 'DSA_SIG_set0'; did you mean 'ECDSA_SIG_set0'? [-Wimplicit-function-declaration]

  DSA_SIG_set0(sdsa, bn, bk);

  ^~~~~~~~~~~~

  ECDSA_SIG_set0

ntp_crypto.c:2299:3: warning: implicit declaration of function 'DSA_print_fp'; did you mean 'RSA_print_fp'? [-Wimplicit-function-declaration]

   DSA_print_fp(stdout, dsa, 0);

   ^~~~~~~~~~~~

   RSA_print_fp

ntp_crypto.c:2306:8: warning: implicit declaration of function 'i2d_DSA_SIG'; did you mean 'i2d_ECDSA_SIG'? [-Wimplicit-function-declaration]

  len = i2d_DSA_SIG(sdsa, NULL);

        ^~~~~~~~~~~

        i2d_ECDSA_SIG

ntp_crypto.c:2310:3: warning: implicit declaration of function 'DSA_SIG_free'; did you mean 'ECDSA_SIG_free'? [-Wimplicit-function-declaration]

   DSA_SIG_free(sdsa);

   ^~~~~~~~~~~~

   ECDSA_SIG_free

ntp_crypto.c: In function 'crypto_iff':

ntp_crypto.c:2363:2: error: unknown type name 'DSA_SIG'; did you mean 'ECDSA_SIG'?

  DSA_SIG *sdsa;  /* DSA parameters */

  ^~~~~~~

  ECDSA_SIG

ntp_crypto.c:2385:11: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {

           ^

ntp_crypto.c:2400:14: warning: implicit declaration of function 'd2i_DSA_SIG'; did you mean 'd2i_ECDSA_SIG'? [-Wimplicit-function-declaration]

  if ((sdsa = d2i_DSA_SIG(NULL, &ptr, len)) == NULL) {

              ^~~~~~~~~~~

              d2i_ECDSA_SIG

ntp_crypto.c:2400:12: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  if ((sdsa = d2i_DSA_SIG(NULL, &ptr, len)) == NULL) {

            ^

ntp_crypto.c:2412:2: warning: implicit declaration of function 'DSA_SIG_get0'; did you mean 'ECDSA_SIG_get0'? [-Wimplicit-function-declaration]

  DSA_SIG_get0(sdsa, &r, &s);

  ^~~~~~~~~~~~

  ECDSA_SIG_get0

ntp_crypto.c: In function 'crypto_bob2':

ntp_crypto.c:2578:2: error: unknown type name 'DSA_SIG'; did you mean 'ECDSA_SIG'?

  DSA_SIG *sdsa;  /* DSA parameters */

  ^~~~~~~

  ECDSA_SIG

ntp_crypto.c:2616:7: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  sdsa = DSA_SIG_new();

       ^

ntp_crypto.c: In function 'crypto_gq':

ntp_crypto.c:2686:2: error: unknown type name 'DSA_SIG'; did you mean 'ECDSA_SIG'?

  DSA_SIG *sdsa;  /* RSA signature context fake */

  ^~~~~~~

  ECDSA_SIG

ntp_crypto.c:2726:12: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  if ((sdsa = d2i_DSA_SIG(NULL, &ptr, len)) == NULL) {

            ^

ntp_crypto.c: In function 'crypto_alice3':

ntp_crypto.c:2862:11: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {

           ^

ntp_crypto.c: In function 'crypto_bob3':

ntp_crypto.c:2940:6: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  dsa = EVP_PKEY_get0_DSA(mvkey_info->pkey);

      ^

ntp_crypto.c:2962:9: warning: implicit declaration of function 'DSA_new'; did you mean 'RSA_new'? [-Wimplicit-function-declaration]

  sdsa = DSA_new();

         ^~~~~~~

         RSA_new

ntp_crypto.c:2962:7: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  sdsa = DSA_new();

       ^

ntp_crypto.c:2975:2: warning: implicit declaration of function 'DSA_set0_key'; did you mean 'RSA_set0_key'? [-Wimplicit-function-declaration]

  DSA_set0_key(sdsa, BN_dup(pub_key), NULL);

  ^~~~~~~~~~~~

  RSA_set0_key

ntp_crypto.c:2976:2: warning: implicit declaration of function 'DSA_set0_pqg'; did you mean 'DH_set0_pqg'? [-Wimplicit-function-declaration]

  DSA_set0_pqg(sdsa, sp, sq, sg);

  ^~~~~~~~~~~~

  DH_set0_pqg

ntp_crypto.c:2991:8: warning: implicit declaration of function 'i2d_DSAparams'; did you mean 'i2d_DHxparams'? [-Wimplicit-function-declaration]

  len = i2d_DSAparams(sdsa, NULL);

        ^~~~~~~~~~~~~

        i2d_DHxparams

ntp_crypto.c:2995:3: warning: implicit declaration of function 'DSA_free'; did you mean 'RSA_free'? [-Wimplicit-function-declaration]

   DSA_free(sdsa);

   ^~~~~~~~

   RSA_free

ntp_crypto.c: In function 'crypto_mv':

ntp_crypto.c:3060:11: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {

           ^

ntp_crypto.c:3077:14: warning: implicit declaration of function 'd2i_DSAparams'; did you mean 'd2i_DHxparams'? [-Wimplicit-function-declaration]

  if ((sdsa = d2i_DSAparams(NULL, &ptr, len)) == NULL) {

              ^~~~~~~~~~~~~

              d2i_DHxparams

ntp_crypto.c:3077:12: warning: assignment makes pointer from integer without a cast [-Wint-conversion]

  if ((sdsa = d2i_DSAparams(NULL, &ptr, len)) == NULL) {

这些是ntp_crypto.c的头：

/*
 * ntp_crypto.c - NTP version 4 public key routines
 */
#ifdef HAVE_CONFIG_H
#include 
#endif

#ifdef AUTOKEY
#include 
#include  /* strtoul */
#include 
#include 
#include 
#include 

#include "ntpd.h"
#include "ntp_stdlib.h"
#include "ntp_unixtime.h"
#include "ntp_string.h"
#include "ntp_random.h"
#include "ntp_assert.h"
#include "ntp_calendar.h"
#include "ntp_leapsec.h"
#include 

#include "openssl/asn1.h"
#include "openssl/bn.h"
#include "openssl/crypto.h"
#include "openssl/err.h"
#include "openssl/evp.h"
#include "openssl/opensslv.h"
#include "openssl/pem.h"
#include "openssl/rand.h"
#include "openssl/x509.h"
#include "openssl/x509v3.h"
#include "libssl_compat.h"

#ifdef KERNEL_PLL
#include "ntp_syscall.h"
#endif /* KERNEL_PLL */

我使用的是OpenSSL v1.1.1

这是./配置选项：

#!/bin/sh



# Configure software package.

configure()

{

  cd $packageDir



  ./bootstrap

  ./configure --host=arm-linux --with-yielding-select=yes  --with-crypto=openssl --enable-linuxcaps \

        --with-openssl-incdir=$OPENSSL_DIR/install-arm/include/ \

        --with-openssl-libdir=$OPENSSL_DIR/install-arm/lib/ \



  return $?

}

Answer 1

见NTP Bugzilla中的Bug #3756。

2022-02-10 16:34:50 UTC需要OpenSSL版本1.0.2，不再受支持。1.1.1版只会再支持一年。它需要更新以使用3.0。

bug状态是IN_PROGRESS，但是没有编写进一步的注释。这表明稳定版本的NTPv4仍然需要OpenSSL 1.0.2，这是过时的。您的问题可能源于OpenSSL 1.0.2和1.1.1之间的差异，或者您安装的OpenSSL版本可能是使用完全禁用的推荐的DSA算法构建的。

自2020年6月以来，NTPv4 (软件套件)的开发似乎停滞不前，例如RedHat最近似乎更喜欢chronyd。开发人员信息页面说是源代码应该在Github.，但我看到这里根本没有最近的活动，NTPv4 Bugzilla头版上的链接提供了2019年的开发版本和2020年的稳定版本，这两个版本都比Git存储库的内容更新。