[Bug 2045256] Re: transition the code to OpenSSL 3.x
Dimitri John Ledkov
2045256 at bugs.launchpad.net
Thu Nov 30 21:01:01 UTC 2023
Ubuntu is not upstream for this package. Whilst we could patch it, it
would be best to request this feature from upstream (or even contribute
to them) https://groups.io/g/sbsigntools
Also keeping this obsolete APIs helps with ability to run this tool on a
wide range of old releases, which might be used as signing services.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sbsigntool in Ubuntu.
https://bugs.launchpad.net/bugs/2045256
Title:
transition the code to OpenSSL 3.x
Status in sbsigntool package in Ubuntu:
Fix Released
Bug description:
When building the current version with OpenSSL 3.0.2 on Ubuntu 22.04.3
LTS, the build fails with bunch of errors due to deprecated OpenSSL
APIs used, such as
ENGINE_load_builtin_engines
ENGINE_by_id
ENGINE_init
ENGINE_load_private_key
ENGINE_finish
ENGINE_free
SHA256_Init
SHA256_Update
SHA256_Final
...
etc.
The failure happened because -Werror is used for the build. Can be suppressed with -Wno-deprecated-declarations however the OpenSSL 3.x API transition would be good to do anyway.
The direct access to low level SHA256 APIs can be replaced with EVP
APIs. The ENGINE APIs were deprecated in favor of the PROVIDER model
in OpenSSL 3.x so might be a bit of work.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sbsigntool/+bug/2045256/+subscriptions
More information about the foundations-bugs
mailing list