Сборка squid 7.1 из исходников при использовании gcc version 9.1.1
Компилятор выдал ошибки
gadgets.cc: In function 'std::optional<SBuf> ParseAsUtf8(const ASN1_STRING&)':
gadgets.cc:483:67: error: invalid conversion from 'const ASN1_STRING*' {aka 'const asn1_string_st*'} to 'ASN1_STRING*' {aka 'asn1_string_st*'} [-fpermissive]
483 | const auto conversionResult = ASN1_STRING_to_UTF8(&utfBuffer, &asnBuffer);
| ^~~~~~~~~~
| |
| const ASN1_STRING* {aka const asn1_string_st*}
In file included from ../../compat/openssl.h:29,
from ../../src/security/LockingPointer.h:18,
from ../../src/security/forward.h:15,
from ../../src/security/ErrorDetail.h:15,
from ../../src/security/Io.h:13,
from gadgets.cc:15:
/usr/include/openssl/asn1.h:1000:59: note: initializing argument 2 of 'int ASN1_STRING_to_UTF8(unsigned char**, ASN1_STRING*)'
1000 | int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
| ~~~~~~~~~~~~~^~
gadgets.cc: In function 'bool addAltNameWithSubjectCn(Security::CertPointer&)':
gadgets.cc:551:95: error: invalid conversion from 'const char*' to 'char*' [-fpermissive]
551 | const auto ext = X509V3_EXT_conf_nid(nullptr, nullptr, NID_subject_alt_name, altName.c_str());
| ~~~~~~~~~~~~~^~
| |
| const char*
In file included from ../../src/ssl/gadgets.h:34,
from ../../src/AccessLogEntry.h:31,
from ../../src/auth/UserRequest.h:14,
from ../../src/HttpRequest.h:24,
from ../../src/ssl/ErrorDetailManager.h:13,
from ../../src/security/ErrorDetail.h:19,
from ../../src/security/Io.h:13,
from gadgets.cc:15:
/usr/include/openssl/x509v3.h:613:28: note: initializing argument 4 of 'X509_EXTENSION* X509V3_EXT_conf_nid(lhash_st_CONF_VALUE*, X509V3_CTX*, int, char*)'
613 | int ext_nid, char *value);
| ~~~~~~^~~~~
Предполагаю, что ошибка в неправильно объявленном типе но как указать правильно. Вот куски кода где возникает ошибки
SBuf
Ssl::AsnToSBuf(const ASN1_STRING &buffer)
{
return SBuf(reinterpret_cast<const char *>(buffer.data), buffer.length);
}
/// OpenSSL ASN1_STRING_to_UTF8() wrapper
static std::optional<SBuf>
ParseAsUtf8(const ASN1_STRING &asnBuffer)
{
unsigned char *utfBuffer = nullptr;
const auto conversionResult = ASN1_STRING_to_UTF8(&utfBuffer, &asnBuffer);
if (conversionResult < 0) {
debugs(83, 3, "failed" << Ssl::ReportAndForgetErrors);
return std::nullopt;
}
Assure(utfBuffer);
const auto utfChars = reinterpret_cast<char *>(utfBuffer);
const auto utfLength = static_cast<size_t>(conversionResult);
Ssl::UniqueCString bufferDestroyer(utfChars);
return SBuf(utfChars, utfLength);
}
и вот
/// Adds a new subjectAltName extension contining Subject CN or returns false
/// expects the caller to check for the existing subjectAltName extension
static bool
addAltNameWithSubjectCn(Security::CertPointer &cert)
{
X509_NAME *name = X509_get_subject_name(cert.get());
if (!name)
return false;
const int loc = X509_NAME_get_index_by_NID(name, NID_commonName, -1);
if (loc < 0)
return false;
const auto cn = Ssl::ParseCommonNameAt(*name, loc);
if (!cn)
return false;
// We create an "IP:address" or "DNS:name" text that X509V3_EXT_conf_nid()
// then parses and converts to OpenSSL GEN_IPADD or GEN_DNS GENERAL_NAME.
// TODO: Use X509_add1_ext_i2d() to add a GENERAL_NAME extension directly:
// https://github.com/openssl/openssl/issues/11706#issuecomment-633180151
const auto altNamePrefix = cn->ip() ? "IP:" : "DNS:";
auto altName = ToSBuf(altNamePrefix, *cn);
const auto ext = X509V3_EXT_conf_nid(nullptr, nullptr, NID_subject_alt_name, altName.c_str());
if (!ext)
return false;
const bool result = X509_add_ext(cert.get(), ext, -1);
X509_EXTENSION_free(ext);
return result;
}