search

Netatalk / netatalk

Netatalk is a Free and Open Source AFP fileserver. A *NIX or BSD system running Netatalk is capable of serving many Macintosh clients simultaneously as an AppleShare file server.
https://netatalk.io
GNU General Public License v2.0
344 stars 87 forks source link

Nettle and WolfSSL both define AES_MAX_KEY_SIZE #1430

Closed rdmark closed 1 month ago

rdmark commented 2 months ago

[main branch] Warnings are generated when building with WolfSSL and Nettle:

[1/2] Compiling C object etc/uams/uams_dhx_passwd.so.p/uams_dhx_passwd.c.o
In file included from ../etc/uams/uams_dhx_passwd.c:40:
In file included from /usr/local/Cellar/nettle/3.10/include/nettle/cbc.h:38:
/usr/local/Cellar/nettle/3.10/include/nettle/aes.h:143:9: warning: 'AES_MAX_KEY_SIZE' macro redefined [-Wmacro-redefined]
#define AES_MAX_KEY_SIZE AES256_KEY_SIZE
        ^
/usr/local/Cellar/wolfssl/5.7.2/include/wolfssl/wolfcrypt/settings.h:2608:17: note: previous definition is here
        #define AES_MAX_KEY_SIZE    256
                ^
1 warning generated.
rdmark commented 2 months ago

Was a bug with the wolfssl subproject, which was reverted in https://github.com/Netatalk/netatalk/pull/1440

rdmark commented 1 month ago

Still occurs on macOS (homebrew), FreeBSD, NetBSD, OpenBSD, OmniOS

rdmark commented 1 month ago

There is a very obnoxious circular dependency going on between internal.h in wolfssl and nettle’s aes.h. It has to be resolved by disabling AES altogether.

rdmark commented 1 month ago

After messing around with this for a while, I think the real problem is that headers in our include/wolfssl interferes with system wolfssl headers, causing mismatched flags to be enabled. In order to solve this long term, I think the best course of action is to move the bundled wolfssl to a subproject (again).