May only enable either PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED or PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM

[eserte]

Seen this compilation failure on my Fedora31 & CentOS8 smokers. It happens only with the system perl, not with self-compiled perls:

...
gcc -c  -I. -Iinc/matrixssl-3-9-3-open -Iinc/matrixssl-3-9-3-open/crypto -D_REENTRANT -D_GNU_SOURCE -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fwrapv -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -Os -Wp,-w -fomit-frame-pointer -fPIC -I./ -I../ -g   -DVERSION=\"v3.9.2\" -DXS_VERSION=\"v3.9.2\" -fPIC "-I/usr/lib64/perl5/CORE"  -DUSE_TLS_RSA_WITH_AES_128_CBC_SHA -DUSE_TLS_RSA_WITH_AES_256_CBC_SHA -DUSE_TLS_RSA_WITH_AES_128_CBC_SHA256 -DUSE_TLS_RSA_WITH_AES_256_CBC_SHA256 -DUSE_TLS_RSA_WITH_AES_128_GCM_SHA256 -DUSE_TLS_RSA_WITH_AES_256_GCM_SHA384 -DUSE_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA -DUSE_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA -DUSE_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 -DUSE_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 -DUSE_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 -DUSE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 -DUSE_TLS_DHE_PSK_WITH_AES_256_CBC_SHA -DUSE_TLS_DHE_PSK_WITH_AES_128_CBC_SHA -DUSE_TLS_DHE_RSA_WITH_AES_256_CBC_SHA -DUSE_TLS_DHE_RSA_WITH_AES_128_CBC_SHA -DUSE_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 -DUSE_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 -DUSE_AES -DUSE_AES_GCM -DUSE_3DES -DUSE_DES -DUSE_ARC4 -DUSE_RC2 -DUSE_SHA1 -DUSE_SHA256 -DUSE_SHA384 -DUSE_SHA512 -DUSE_MD5 -DUSE_HMAC -DUSE_ECC -DUSE_DH -DUSE_RSA -DUSE_X509 -DUSE_BASE64_DECODE -DUSE_CERT_PARSE -DUSE_FULL_CERT_PARSE -DUSE_PRIVATE_KEY_PARSING -DMATRIX_USE_FILE_SYSTEM -DUSE_CLIENT_SIDE_SSL -DUSE_SERVER_SIDE_SSL -DUSE_TLS_1_0_AND_ABOVE -DDISABLE_SSLV3 -DSSL_SESSION_TABLE_SIZE=32 -DSSL_SESSION_ENTRY_LIFE=86400000 -DUSE_STATELESS_SESSION_TICKETS -DSSL_SESSION_TICKET_LIST_LEN=32 -DENABLE_SECURE_REHANDSHAKES -DENABLE_TLS_FALLBACK_SCSV -DREQUIRE_SECURE_REHANDSHAKES -DUSE_OCSP -DUSE_SCT -DUSE_ALPN -DSSL_DEFAULT_IN_BUF_SIZE=1500 -DSSL_DEFAULT_OUT_BUF_SIZE=1500 -DUSE_SERVER_PREFERRED_CIPHERS -DENABLE_FALSE_START -DUSE_BEAST_WORKAROUND -DUSE_CLIENT_AUTH -DSERVER_CAN_SEND_EMPTY_CERT_REQUEST -DSERVER_WILL_ACCEPT_EMPTY_CLIENT_CERT_MSG -DUSE_PBKDF1 -DUSE_PKCS5 -DUSE_PKCS8 -DUSE_PKCS12 -DPS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED -DPS_AES_IMPROVE_PERF_INCREASE_CODESIZE -DPS_3DES_IMPROVE_PERF_INCREASE_CODESIZE -DPS_MD5_IMPROVE_PERF_INCREASE_CODESIZE -DPS_SHA1_IMPROVE_PERF_INCREASE_CODESIZE -DLINUX -DPOSIX -DPSTM_64BIT -DNO_ASN_FORMAT_OID  inc/matrixssl-3-9-3-open/crypto/digest/digest_libsodium.c -o inc/matrixssl-3-9-3-open/crypto/digest/digest_libsodium.o
In file included from inc/matrixssl-3-9-3-open/crypto/digest/../cryptolib.h:78,
                 from inc/matrixssl-3-9-3-open/crypto/digest/../cryptoApi.h:48,
                 from inc/matrixssl-3-9-3-open/crypto/digest/../cryptoImpl.h:39,
                 from inc/matrixssl-3-9-3-open/crypto/digest/digest_libsodium.c:35:
inc/matrixssl-3-9-3-open/crypto/digest/../math/pstm.h:43:5: error: #error "May only enable either PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED or PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM"
   43 | #   error "May only enable either PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED or PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM"
      |     ^~~~~
make: *** [Makefile:347: inc/matrixssl-3-9-3-open/crypto/digest/digest_libsodium.o] Error 1
(/usr/bin/make exited with 512)

[gitcnd]

This line in the makefile is the cause:-

($^O !~ /darwin/ms ? 'PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED' : ()),

Irritatingly, the actual offending key, PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM , is not sent anyplace I can find?

[gitcnd]

Update - found where: ./matrixssl-3-9-3-open/crypto/layer/layer.h

#   if defined(USE_MATRIX_RSA) || defined(USE_MATRIX_ECC) || defined(USE_MATRIX_DH)
#    define PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM
#   endif

it probably should be this:

/*
    Optimize public/private key operations for smaller ram usage.
    The memory savings for optimizing for ram is around 50%
 */
#   if defined(USE_MATRIX_RSA) || defined(USE_MATRIX_ECC) || defined(USE_MATRIX_DH)
#     if !defined(PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED)
#       define PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM
#     endif
#   endif

"./matrixssl-3-9-3-open/crypto/layer/layer.h" [Modified] line 330 of 342 --96%-- col 1

[powerman]

Released v3.9.3 with this patch. Thanks!