git-crypt 0.7.0 does not build with openssl 3.1.0 #290
Description
I was trying to build git-crypt with OpenSSL 3.1.0 on Alpine 3.18.
Steps to reproduce:
- Create Dockerfile:
FROM alpine:3.18
ARG VERSION=0.7.0
RUN apk --no-cache add \
bash \
curl \
git \
g++ \
make \
openssh \
openssl \
openssl-dev
RUN curl -L https://github.com/AGWA/git-crypt/archive/${VERSION}.tar.gz | tar zxv -C /tmp
RUN cd /tmp/git-crypt-${VERSION} && make && make install
CMD ["/bin/git-crypt"]
- Run
docker build - < Dockerfile
Result:
/tmp/git-crypt-0.7.0 # make
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o git-crypt.o git-crypt.cpp
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o commands.o commands.cpp
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o crypto.o crypto.cpp
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o gpg.o gpg.cpp
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o key.o key.cpp
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o util.o util.cpp
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o parse_options.o parse_options.cpp
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o coprocess.o coprocess.cpp
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o fhstream.o fhstream.cpp
g++ -Wall -pedantic -Wno-long-long -O2 -std=c++11 -c -o crypto-openssl-10.o crypto-openssl-10.cpp
crypto-openssl-10.cpp: In constructor 'Aes_ecb_encryptor::Aes_ecb_encryptor(const unsigned char*)':
crypto-openssl-10.cpp:59:32: warning: 'int AES_set_encrypt_key(const unsigned char*, int, AES_KEY*)' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declaration]
59 | if (AES_set_encrypt_key(raw_key, KEY_LEN * 8, &(impl->key)) != 0) {
| ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from crypto-openssl-10.cpp:38:
/usr/include/openssl/aes.h:51:5: note: declared here
51 | int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
| ^~~~~~~~~~~~~~~~~~~
crypto-openssl-10.cpp: In member function 'void Aes_ecb_encryptor::encrypt(const unsigned char*, unsigned char*)':
crypto-openssl-10.cpp:74:20: warning: 'void AES_encrypt(const unsigned char*, unsigned char*, const AES_KEY*)' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
74 | AES_encrypt(plain, cipher, &(impl->key));
| ~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/openssl/aes.h:57:6: note: declared here
57 | void AES_encrypt(const unsigned char *in, unsigned char *out,
| ^~~~~~~~~~~
crypto-openssl-10.cpp: At global scope:
crypto-openssl-10.cpp:78:18: error: field 'ctx' has incomplete type 'HMAC_CTX' {aka 'hmac_ctx_st'}
78 | HMAC_CTX ctx;
| ^~~
In file included from /usr/include/openssl/evp.h:26,
from /usr/include/openssl/hmac.h:21,
from crypto-openssl-10.cpp:40:
/usr/include/openssl/types.h:135:16: note: forward declaration of 'HMAC_CTX' {aka 'struct hmac_ctx_st'}
135 | typedef struct hmac_ctx_st HMAC_CTX;
| ^~~~~~~~~~~
crypto-openssl-10.cpp: In destructor 'Hmac_sha1_state::~Hmac_sha1_state()':
crypto-openssl-10.cpp:92:9: error: 'HMAC_cleanup' was not declared in this scope; did you mean 'RAND_cleanup'?
92 | HMAC_cleanup(&(impl->ctx));
| ^~~~~~~~~~~~
| RAND_cleanup
make: *** [<builtin>: crypto-openssl-10.o] Error 1
Build works with Alpine 3.16, but starting with Alpine 3.17 it doesn't work.
That happens because Alpine 3.16 is shipped with OpenSSL 1.1.1t 7 Feb 2023 and Alpine 3.17 uses OpenSSL 3.0.8 7 Feb 2023 (Library: OpenSSL 3.0.8 7 Feb 2023). Just in case, Alpine 3.18 uses OpenSSL 3.1.0 14 Mar 2023 (Library: OpenSSL 3.1.0 14 Mar 2023).