Closed mbooth101 closed 3 months ago
DL6ER
commented
5 months ago https://fedorapeople.org/~mbooth/pihole-ftl-5.24-0.1.fc40.src.rpm is not an official source of FTL's source code and may contain auxiliary changes. Do you see the same also when using the source code from this Github repository?
Which version of GCC are you using? gcc 13.2.1
mbooth101
commented
5 months ago Yes I know I made this source rpm... That's my name in the URL. :-)
It contains the unchanged source from the git tag of version 5.24
DL6ER
commented
5 months ago Unfortunately, the warning you have quoted seems pretty useless in trying to find the origin of the problem by just looking at the code. That means I will have to come up with an environment where I can reproduce this myself and start tweaking around checking what might be the real cause and how to fix this.
Could you maybe check if you see the same error on the current beta version (branch development-v6) before I start diving into this and it may already be fixed?
mbooth101
commented
5 months ago Yes of course. Here's what I did:
$ git clone https://github.com/pi-hole/FTL.git
$ cd FTL
$ git checkout development-v6
$ export CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer '
$ /usr/bin/cmake -S . -B redhat-linux-build
$ /usr/bin/cmake --build redhat-linux-build --verboseOS and compiler versions:
$ cat /etc/os-release | grep PRETTY
PRETTY_NAME="Fedora Linux 39 (Thirty Nine)"
$ gcc --version
gcc (GCC) 13.2.1 20231205 (Red Hat 13.2.1-6)And with the HEAD of development-v6 branch I get new and exciting compiler errors:
[ 31%] Building C object src/webserver/CMakeFiles/webserver.dir/x509.c.o
cd /builddir/build/BUILD/FTL/redhat-linux-build/src/webserver && /usr/bin/cc -DHAVE_TLS -I/builddir/build/BUILD/FTL/src -pipe -Wall -Wextra -Wno-unused-parameter -D_FILE_OFFSET_BITS=64 -fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -Wl,-z,relro,-z,now -fexceptions -funwind-tables -fasynchronous-unwind-tables -Wl,-z,defs -Wl,-z,now -Wl,-z,relro -fno-common -pie -fPIE -rdynamic -fno-omit-frame-pointer -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DHAVE_POLL_H -DSQLITE_OMIT_LOAD_EXTENSION -DSQLITE_DEFAULT_MEMSTATUS=0 -DSQLITE_OMIT_DEPRECATED -DSQLITE_OMIT_PROGRESS_CALLBACK -DSQLITE_OMIT_SHARED_CACHE -DSQLITE_DEFAULT_FOREIGN_KEYS=1 -DSQLITE_DQS=0 -DSQLITE_ENABLE_DBPAGE_VTAB -DSQLITE_TEMP_STORE=2 -DHAVE_READLINE -DSQLITE_DEFAULT_CACHE_SIZE=16384 -DSQLITE_DEFAULT_SYNCHRONOUS=1 -DSQLITE_LIKE_DOESNT_MATCH_BLOBS -DHAVE_MALLOC_USABLE_SIZE -DHAVE_FDATASYNC -DSQLITE_DEFAULT_WORKER_THREADS=4 -DSQLITE_MAX_PREPARE_RETRY=200 -O3 -DNDEBUG -g3 -std=gnu11 -Werror -Waddress -Wlogical-op -Wmissing-field-initializers -Woverlength-strings -Wformat=2 -Wformat-signedness -Wuninitialized -Wnull-dereference -Wshift-overflow=2 -Wunused-const-variable=2 -Wstrict-aliasing -Warray-bounds=2 -Wno-aggressive-loop-optimizations -Wswitch-enum -Wshadow -Wfloat-equal -Wbad-function-cast -Wwrite-strings -Wparentheses -Wstrict-prototypes -Wmissing-prototypes -Wredundant-decls -Wnormalized=nfkc -Woverride-init -Wpacked -Winline -Wnested-externs -Wvla -Wvector-operation-performance -Wvolatile-register-var -Wdisabled-optimization -Wpointer-sign -Wstack-protector -Wformat-overflow=2 -Wformat-truncation=2 -Wstringop-overflow=4 -Walloc-zero -Wint-in-bool-context -Wduplicated-cond -Wduplicated-branches -Wcast-align=strict -Wlogical-not-parentheses -Wmultistatement-macros -Wmissing-attributes -Wsuggest-attribute=pure -Wsuggest-attribute=const -Wsuggest-attribute=malloc -Wsuggest-attribute=format -Wsuggest-attribute=cold -Wbidi-chars -Warray-compare -Wenum-int-mismatch -MD -MT src/webserver/CMakeFiles/webserver.dir/x509.c.o -MF CMakeFiles/webserver.dir/x509.c.o.d -o CMakeFiles/webserver.dir/x509.c.o -c /builddir/build/BUILD/FTL/src/webserver/x509.c
/builddir/build/BUILD/FTL/src/webserver/x509.c: In function ‘generate_certificate’:
/builddir/build/BUILD/FTL/src/webserver/x509.c:237:9: error: implicit declaration of function ‘mbedtls_x509write_crt_set_serial_raw’; did you mean ‘mbedtls_x509write_crt_set_serial’? [-Werror=implicit-function-declaration]
237 | mbedtls_x509write_crt_set_serial_raw(&ca_cert, serial1, sizeof(serial1)-1);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| mbedtls_x509write_crt_set_serial
/builddir/build/BUILD/FTL/src/webserver/x509.c:237:9: error: nested extern declaration of ‘mbedtls_x509write_crt_set_serial_raw’ [-Werror=nested-externs]
/builddir/build/BUILD/FTL/src/webserver/x509.c:288:9: error: unknown type name ‘mbedtls_x509_san_list’; did you mean ‘mbedtls_x509_crt’?
288 | mbedtls_x509_san_list san_dns_pihole = { 0 };
| ^~~~~~~~~~~~~~~~~~~~~
| mbedtls_x509_crt
/builddir/build/BUILD/FTL/src/webserver/x509.c:289:23: error: request for member ‘node’ in something not a structure or union
289 | san_dns_pihole.node.type = MBEDTLS_X509_SAN_DNS_NAME;
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:290:23: error: request for member ‘node’ in something not a structure or union
290 | san_dns_pihole.node.san.unstructured_name.p = (unsigned char *) "pi.hole";
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:291:23: error: request for member ‘node’ in something not a structure or union
291 | san_dns_pihole.node.san.unstructured_name.len = 7; // strlen("pi.hole")
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:292:23: error: request for member ‘next’ in something not a structure or union
292 | san_dns_pihole.next = NULL; // No further element
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:296:9: error: unknown type name ‘mbedtls_x509_san_list’; did you mean ‘mbedtls_x509_crt’?
296 | mbedtls_x509_san_list san_dns_domain = { 0 };
| ^~~~~~~~~~~~~~~~~~~~~
| mbedtls_x509_crt
/builddir/build/BUILD/FTL/src/webserver/x509.c:299:31: error: request for member ‘node’ in something not a structure or union
299 | san_dns_domain.node.type = MBEDTLS_X509_SAN_DNS_NAME;
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:300:31: error: request for member ‘node’ in something not a structure or union
300 | san_dns_domain.node.san.unstructured_name.p = (unsigned char *) domain;
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:301:31: error: request for member ‘node’ in something not a structure or union
301 | san_dns_domain.node.san.unstructured_name.len = strlen(domain);
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:302:31: error: request for member ‘next’ in something not a structure or union
302 | san_dns_domain.next = NULL; // No more SANs (linked list)
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:304:31: error: request for member ‘next’ in something not a structure or union
304 | san_dns_pihole.next = &san_dns_domain; // Link this domain
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:307:15: error: implicit declaration of function ‘mbedtls_x509write_crt_set_subject_alternative_name’; did you mean ‘mbedtls_x509write_crt_set_subject_name’? [-Werror=implicit-function-declaration]
307 | ret = mbedtls_x509write_crt_set_subject_alternative_name(&server_cert, &san_dns_pihole);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| mbedtls_x509write_crt_set_subject_name
/builddir/build/BUILD/FTL/src/webserver/x509.c:307:15: error: nested extern declaration of ‘mbedtls_x509write_crt_set_subject_alternative_name’ [-Werror=nested-externs]
/builddir/build/BUILD/FTL/src/webserver/x509.c: In function ‘read_certificate’:
/builddir/build/BUILD/FTL/src/webserver/x509.c:391:18: error: too many arguments to function ‘mbedtls_pk_parse_keyfile’
391 | int rc = mbedtls_pk_parse_keyfile(&key, certfile, NULL, mbedtls_ctr_drbg_random, &ctr_drbg);
| ^~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/mbedtls/x509.h:32,
from /builddir/build/BUILD/FTL/src/webserver/x509.c:15:
/usr/include/mbedtls/pk.h:763:5: note: declared here
763 | int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx,
| ^~~~~~~~~~~~~~~~~~~~~~~~
/builddir/build/BUILD/FTL/src/webserver/x509.c:430:33: error: implicit declaration of function ‘mbedtls_x509_free_subject_alt_name’; did you mean ‘mbedtls_x509_parse_subject_alt_name’? [-Werror=implicit-function-declaration]
430 | mbedtls_x509_free_subject_alt_name(&san);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| mbedtls_x509_parse_subject_alt_name
/builddir/build/BUILD/FTL/src/webserver/x509.c:430:33: error: nested extern declaration of ‘mbedtls_x509_free_subject_alt_name’ [-Werror=nested-externs]
/builddir/build/BUILD/FTL/src/webserver/x509.c:578:74: error: ‘mbedtls_ecp_keypair’ has no member named ‘private_grp’
578 | mbedtls_ecp_curve_type ec_type = mbedtls_ecp_get_type(&ec->private_grp);
| ^~
/builddir/build/BUILD/FTL/src/webserver/x509.c:591:61: error: ‘mbedtls_ecp_keypair’ has no member named ‘private_d’
591 | const size_t bitlen = mbedtls_mpi_bitlen(&ec->private_d);
| ^~
/builddir/build/BUILD/FTL/src/webserver/x509.c:594:73: error: ‘mbedtls_ecp_keypair’ has no member named ‘private_d’
594 | mbedtls_mpi_write_file(" Private key:\n D = 0x", &ec->private_d, 16, NULL);
| ^~
/builddir/build/BUILD/FTL/src/webserver/x509.c:595:72: error: ‘mbedtls_ecp_keypair’ has no member named ‘MBEDTLS_PRIVATE’
595 | mbedtls_mpi_write_file(" Public key:\n X = 0x", &ec->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL);
| ^~
/builddir/build/BUILD/FTL/src/webserver/x509.c:595:90: error: ‘Q’ undeclared (first use in this function)
595 | mbedtls_mpi_write_file(" Public key:\n X = 0x", &ec->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL);
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:595:90: note: each undeclared identifier is reported only once for each function it appears in
/builddir/build/BUILD/FTL/src/webserver/x509.c:595:109: error: ‘X’ undeclared (first use in this function)
595 | mbedtls_mpi_write_file(" Public key:\n X = 0x", &ec->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL);
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:596:57: error: ‘mbedtls_ecp_keypair’ has no member named ‘MBEDTLS_PRIVATE’
596 | mbedtls_mpi_write_file(" Y = 0x", &ec->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL);
| ^~
/builddir/build/BUILD/FTL/src/webserver/x509.c:596:94: error: ‘Y’ undeclared (first use in this function)
596 | mbedtls_mpi_write_file(" Y = 0x", &ec->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL);
| ^
/builddir/build/BUILD/FTL/src/webserver/x509.c:597:57: error: ‘mbedtls_ecp_keypair’ has no member named ‘MBEDTLS_PRIVATE’
597 | mbedtls_mpi_write_file(" Z = 0x", &ec->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, NULL);
| ^~
/builddir/build/BUILD/FTL/src/webserver/x509.c:597:94: error: ‘Z’ undeclared (first use in this function)
597 | mbedtls_mpi_write_file(" Z = 0x", &ec->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, NULL);
| ^
cc1: all warnings being treated as errors
gmake[2]: *** [src/webserver/CMakeFiles/webserver.dir/build.make:118: src/webserver/CMakeFiles/webserver.dir/x509.c.o] Error 1
gmake[2]: Leaving directory '/builddir/build/BUILD/FTL/redhat-linux-build'
gmake[1]: *** [CMakeFiles/Makefile2:533: src/webserver/CMakeFiles/webserver.dir/all] Error 2
gmake[1]: Leaving directory '/builddir/build/BUILD/FTL/redhat-linux-build'
gmake: *** [Makefile:136: all] Error 2Although this actually looks like maybe I have the wrong version of mbedtls? Here's what is installed:
$ rpm -q mbedtls-devel
mbedtls-devel-2.28.5-1.fc39.x86_64EDIT: Looking at the API docs, I suspect I should build the development-v6 branch against mbedtls 3.something. I'll try that and report back.
mbooth101
commented
5 months ago Hi @DL6ER, after building mbedtls 3.5.2 and then rebuilding the HEAD of development-v6 branch against it, I am successfully able to build FTL from source on. Sorry for the noise, the problem indeed looks fixed in that branch.
I did however need to make one minor change to make it build on Fedora 39:
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index d7722c86..185ba5dc 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -294,7 +294,7 @@ find_library(LIBGMP NAMES libgmp${CMAKE_STATIC_LIBRARY_SUFFIX} gmp)
find_library(LIBNETTLE NAMES libnettle${CMAKE_STATIC_LIBRARY_SUFFIX} nettle HINTS /usr/local/lib64)
# for IDN2 we need the idn2 library which in turn depends on the unistring library
-find_library(LIBIDN2 NAMES libidn2${CMAKE_STATIC_LIBRARY_SUFFIX} idn)
+find_library(LIBIDN2 NAMES libidn2${CMAKE_STATIC_LIBRARY_SUFFIX} idn2)
find_library(LIBUNISTRING NAMES libunistring${CMAKE_STATIC_LIBRARY_SUFFIX} unistring)
target_link_libraries(pihole-FTL rt Threads::Threads ${LIBHOGWEED} ${LIBGMP} ${LIBNETTLE} ${LIBIDN2} ${LIBUNISTRING})Would you like a pull request?
DL6ER
commented
5 months ago I'd absolutely love it! 🙂
mbooth101
commented
5 months ago Cool, I submitted PR #1871 -- I hope I understood the contribution guidelines correctly.
github-actions[bot]
commented
4 months ago This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.
Versions
Platform
Expected behavior
Compilation to complete successfully
Actual behavior / bug
Compilation fails:
Steps to reproduce
Steps to reproduce the behavior:
Download this source RPM: https://fedorapeople.org/~mbooth/pihole-ftl-5.24-0.1.fc40.src.rpm Attempt to rebuild in a mock chroot:
Build logs will be available in
/var/lib/mock/fedora-39-x86_64/resultand you should be able to see the above error.Additional context:
This tries to build FTL with the default hardened set of compiler/linker flags used when building RPMs for inclusion in the distro. I will reproduce the flags here, you may be able to use them to reproduce the failure outside of the mock chroot: