Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 604978 - net-libs/nodejs-7.3.0 with dev-libs/openssl-1.1.0c - node_crypto.h:95:54: error: invalid application of 'sizeof' to incomplete type 'SSL_CTX {aka ssl_ctx_st}'
Summary: net-libs/nodejs-7.3.0 with dev-libs/openssl-1.1.0c - node_crypto.h:95:54: err...
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Jeroen Roovers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: openssl-1.1
  Show dependency tree
 
Reported: 2017-01-07 19:44 UTC by eroen
Modified: 2019-04-01 16:56 UTC (History)
6 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
net-libs/nodejs-7.3.0:20170107-165907.log.xz (nodejs-7.3.0:20170107-165907.log.xz,22.98 KB, application/x-xz)
2017-01-07 19:44 UTC, eroen
Details
nodejs-8.8.1-openssl-1.1-p1-pr16130.patch (nodejs-8.8.1-openssl-1.1-p1-pr16130.patch,66.40 KB, patch)
2017-10-29 05:42 UTC, Mark Wright
Details | Diff
nodejs-8.8.1-openssl-1.1-p2.patch (nodejs-8.8.1-openssl-1.1-p2.patch,5.82 KB, patch)
2017-10-29 05:43 UTC, Mark Wright
Details | Diff
nodejs-9.2.0-openssl-1.1.patch (nodejs-9.2.0-openssl-1.1.patch,4.81 KB, patch)
2017-12-03 05:38 UTC, Mark Wright
Details | Diff
nodejs-9.3.0-openssl-1.1.patch (nodejs-9.3.0-openssl-1.1.patch,4.80 KB, patch)
2017-12-17 08:33 UTC, Mark Wright
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description eroen 2017-01-07 19:44:00 UTC
x86_64-pc-linux-gnu-g++ '-DNODE_ARCH="x64"' '-DNODE_PLATFORM="linux"' '-DNODE_WANT_INTERNALS=1' '-DV8_DEPRECATION_WARNINGS=1' '-DNODE_USE_V8_PLATFORM=1' '-DNODE_HAVE_I18N_SUPPORT=1' '-DHAVE_INSPECTOR=1' '-DHAVE_OPENSSL=1' '-D__POSIX__' -I../src -I../tools/msvs/genfiles -I../deps/uv/src/ares -I/var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj/gen -I../deps/v8_inspector/include -I/var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj/gen/include -I../deps/v8/include -I../deps/cares/include  -pthread -Wall -Wextra -Wno-unused-parameter -m64 -O3 -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++0x   -march=corei7-avx -O2 -pipe -c -o /var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj.target/node/src/node_buffer.o ../src/node_buffer.cc
In file included from ../src/node.cc:16:0:
../src/node_crypto.h:95:54: error: invalid application of 'sizeof' to incomplete type 'SSL_CTX {aka ssl_ctx_st}'
   static const int64_t kExternalSize = sizeof(SSL_CTX);
                                                      ^
../src/node_crypto.h:213:17: error: invalid application of 'sizeof' to incomplete type 'SSL {aka ssl_st}'
       sizeof(SSL) + sizeof(SSL3_STATE) + 42 * 1024;
                 ^
../src/node_crypto.h:213:28: error: 'SSL3_STATE' was not declared in this scope
       sizeof(SSL) + sizeof(SSL3_STATE) + 42 * 1024;
                            ^~~~~~~~~~
../src/node_crypto.h:465:18: error: field 'ctx_' has incomplete type 'EVP_CIPHER_CTX {aka evp_cipher_ctx_st}'
   EVP_CIPHER_CTX ctx_; /* coverity[member_decl] */
                  ^~~~
In file included from /usr/include/openssl/crypto.h:31:0,
                 from /usr/include/openssl/comp.h:16,
                 from /usr/include/openssl/ssl.h:47,
                 from ../src/node_crypto.h:20,
                 from ../src/node.cc:16:
/usr/include/openssl/ossl_typ.h:90:16: note: forward declaration of 'EVP_CIPHER_CTX {aka struct evp_cipher_ctx_st}'
 typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
                ^~~~~~~~~~~~~~~~~
In file included from ../src/node.cc:16:0:
../src/node_crypto.h: In destructor 'virtual node::crypto::CipherBase::~CipherBase()':
../src/node_crypto.h:415:33: error: 'EVP_CIPHER_CTX_cleanup' was not declared in this scope
     EVP_CIPHER_CTX_cleanup(&ctx_);
                                 ^
../src/node_crypto.h: At global scope:
../src/node_crypto.h:500:12: error: field 'ctx_' has incomplete type 'HMAC_CTX {aka hmac_ctx_st}'
   HMAC_CTX ctx_; /* coverity[member_decl] */
            ^~~~
In file included from /usr/include/openssl/crypto.h:31:0,
                 from /usr/include/openssl/comp.h:16,
                 from /usr/include/openssl/ssl.h:47,
                 from ../src/node_crypto.h:20,
                 from ../src/node.cc:16:
/usr/include/openssl/ossl_typ.h:102:16: note: forward declaration of 'HMAC_CTX {aka struct hmac_ctx_st}'
 typedef struct hmac_ctx_st HMAC_CTX;
                ^~~~~~~~~~~
In file included from ../src/node.cc:16:0:
../src/node_crypto.h: In destructor 'virtual node::crypto::Hmac::~Hmac()':
../src/node_crypto.h:478:27: error: 'HMAC_CTX_cleanup' was not declared in this scope
     HMAC_CTX_cleanup(&ctx_);
                           ^
../src/node_crypto.h: At global scope:
../src/node_crypto.h:529:14: error: field 'mdctx_' has incomplete type 'EVP_MD_CTX {aka evp_md_ctx_st}'
   EVP_MD_CTX mdctx_; /* coverity[member_decl] */
              ^~~~~~
In file included from /usr/include/openssl/crypto.h:31:0,
                 from /usr/include/openssl/comp.h:16,
                 from /usr/include/openssl/ssl.h:47,
                 from ../src/node_crypto.h:20,
                 from ../src/node.cc:16:
/usr/include/openssl/ossl_typ.h:92:16: note: forward declaration of 'EVP_MD_CTX {aka struct evp_md_ctx_st}'
 typedef struct evp_md_ctx_st EVP_MD_CTX;
                ^~~~~~~~~~~~~
In file included from ../src/node.cc:16:0:
../src/node_crypto.h: In destructor 'virtual node::crypto::Hash::~Hash()':
../src/node_crypto.h:509:31: error: 'EVP_MD_CTX_cleanup' was not declared in this scope
     EVP_MD_CTX_cleanup(&mdctx_);
                               ^
../src/node_crypto.h: At global scope:
../src/node_crypto.h:560:14: error: field 'mdctx_' has incomplete type 'EVP_MD_CTX {aka evp_md_ctx_st}'
   EVP_MD_CTX mdctx_; /* coverity[member_decl] */
              ^~~~~~
In file included from /usr/include/openssl/crypto.h:31:0,
                 from /usr/include/openssl/comp.h:16,
                 from /usr/include/openssl/ssl.h:47,
                 from ../src/node_crypto.h:20,
                 from ../src/node.cc:16:
/usr/include/openssl/ossl_typ.h:92:16: note: forward declaration of 'EVP_MD_CTX {aka struct evp_md_ctx_st}'
 typedef struct evp_md_ctx_st EVP_MD_CTX;
                ^~~~~~~~~~~~~
In file included from ../src/node.cc:16:0:
../src/node_crypto.h: In destructor 'virtual node::crypto::SignBase::~SignBase()':
../src/node_crypto.h:554:31: error: 'EVP_MD_CTX_cleanup' was not declared in this scope
     EVP_MD_CTX_cleanup(&mdctx_);
                               ^
../src/node_crypto.h: In destructor 'virtual node::crypto::DiffieHellman::~DiffieHellman()':
../src/node_crypto.h:644:17: error: 'DH_free' was not declared in this scope
       DH_free(dh);
                 ^
  x86_64-pc-linux-gnu-g++ '-DNODE_ARCH="x64"' '-DNODE_PLATFORM="linux"' '-DNODE_WANT_INTERNALS=1' '-DV8_DEPRECATION_WARNINGS=1' '-DNODE_USE_V8_PLATFORM=1' '-DNODE_HAVE_I18N_SUPPORT=1' '-DHAVE_INSPECTOR=1' '-DHAVE_OPENSSL=1' '-D__POSIX__' -I../src -I../tools/msvs/genfiles -I../deps/uv/src/ares -I/var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj/gen -I../deps/v8_inspector/include -I/var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj/gen/include -I../deps/v8/include -I../deps/cares/include  -pthread -Wall -Wextra -Wno-unused-parameter -m64 -O3 -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++0x   -march=corei7-avx -O2 -pipe -c -o /var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj.target/node/src/node_config.o ../src/node_config.cc
  x86_64-pc-linux-gnu-g++ '-DNODE_ARCH="x64"' '-DNODE_PLATFORM="linux"' '-DNODE_WANT_INTERNALS=1' '-DV8_DEPRECATION_WARNINGS=1' '-DNODE_USE_V8_PLATFORM=1' '-DNODE_HAVE_I18N_SUPPORT=1' '-DHAVE_INSPECTOR=1' '-DHAVE_OPENSSL=1' '-D__POSIX__' -I../src -I../tools/msvs/genfiles -I../deps/uv/src/ares -I/var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj/gen -I../deps/v8_inspector/include -I/var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj/gen/include -I../deps/v8/include -I../deps/cares/include  -pthread -Wall -Wextra -Wno-unused-parameter -m64 -O3 -fno-omit-frame-pointer -fno-rtti -fno-exceptions -std=gnu++0x   -march=corei7-avx -O2 -pipe -c -o /var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj.target/node/src/node_constants.o ../src/node_constants.cc
make: *** [node.target.mk:152: /var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out/Release/obj.target/node/src/node.o] Error 1
make: *** Waiting for unfinished jobs....
rm 57add9cb9d387177fdf8756ef89ed2abedd8f920.intermediate
make: Leaving directory '/var/tmp/portage/net-libs/nodejs-7.3.0/work/node-v7.3.0/out'
 * ERROR: net-libs/nodejs-7.3.0::gentoo failed (compile phase):
 *   emake failed
Comment 1 eroen 2017-01-07 19:44:57 UTC
Created attachment 459110 [details]
net-libs/nodejs-7.3.0:20170107-165907.log.xz
Comment 2 Mark Wright gentoo-dev 2017-10-18 23:34:15 UTC
I changed the URL: from
https://github.com/nodejs/node/pull/8491
as 8491 is now closed to
https://github.com/nodejs/node/pull/16130
Comment 3 Mark Wright gentoo-dev 2017-10-19 00:10:02 UTC
(In reply to Mark Wright from comment #2)
> I changed the URL: from
> https://github.com/nodejs/node/pull/8491
> as 8491 is now closed to
> https://github.com/nodejs/node/pull/16130

Looking at the minutes (below) of the latest meeting from upstream I think changing
the URL was a mistake, so I put it back.  Upstream seem to be in no hurry to fix it, at least the PR# 8491 is a possible way forward as noted in this comment:

https://github.com/nodejs/node/pull/16130#issuecomment-335811146

davidben commented 7 days ago
You'll have to ask OpenSSL folks about that one. But I don't think it makes sense to wait for it before supporting it at all, maybe just before shipping it in the bundled copy. Switching to 1.1.0 is a large change with deprecation consequences. You're better off getting things in sooner rather than later so you can plan for it before 1.0.2 goes EOL. (I intentionally did not switch the bundled copy in this PR.)

Moreover, folks like Linux distributions may switch before you do. They may just pick up the old PR which would be problematic as it didn't work right.


### nodejs/node

* Support both OpenSSL 1.1.0 and 1.0.2 [#16130](https://github.com/nodejs/node/pull/16130)
  * Myles: 1.0.2 is EOL end 2019, we shortened lifecycle of
    Node v8 to accommodate
  * Myles: 1.1.0 is latest, but no LTS plan is public and no FIPS.
  * Myles: We need a solid OpenSSL story by the time 10.0.0 is cut because LTS and all that.
  * Myles: We need a crypto team or a WG to handle this.
  * Michael Dawson: Once 9.0.0 is cut, we should switch over to 1.1.0 in master. We know we can.t stay
    on 1.0.2 for 10.0.0 because it will be end of life. So straightforward path is upgrade to 1.1.0.
  * Myles: I volunteer to help put together a group to push this forward. Anyone else? I.m not an expert.
  * James: The TSC experts on crypto aren.t on this call. We should pull in Fedor and Shigeki for sure.
  * Myles: I.ll reach out to them.
  * Michael: Anyone think moving to 1.1.0 after cutting 9 is the wrong thing to do?
  * James: What about FIPS?
  * Michael: We may have no choice. If there.s no FIPS module, what can else can we do?
  * James: We can.t have 10.0.0 go LTS without FIPS.
  * Myles: Only alternative that has a FIPS module is BoringSSL. But the README is not encouraging about it.
    we should maybe get some industry folks involved. I.ve heard that maybe there.s a desire to not have FIPS support.
  * James: If that.s our route, we need to deprecate FIPS support ASAP.
  * Myles: We could deprecate FIPS in 9.0.0 and bring it back anytime.
  * James: Would rather not deprecate and bring back. We can do a docs deprecation later in 9.0.0 and a run time deprecation in 10.0.0.
  * Nikita: +1 to deprecating FIPS.
  * ACTION ITEM: Myles, James, Michael, hopefully Fedor and Shigeki, maybe others, will talk about this and bring back a proposal.
Comment 4 Mark Wright gentoo-dev 2017-10-29 05:42:37 UTC
Created attachment 500618 [details, diff]
nodejs-8.8.1-openssl-1.1-p1-pr16130.patch

Patch 1 of 2 for net-libs/nodejs-8.1.1 to compile with dev-libs/openssl-1.1.0f, from PR# 16130.
Comment 5 Mark Wright gentoo-dev 2017-10-29 05:43:56 UTC
Created attachment 500620 [details, diff]
nodejs-8.8.1-openssl-1.1-p2.patch

Patch 2 of 2 for net-libs/nodejs-8.1.1 to compile with dev-libs/openssl-1.1.0f, by me.
Comment 6 Mark Wright gentoo-dev 2017-12-03 05:38:02 UTC
Created attachment 507810 [details, diff]
nodejs-9.2.0-openssl-1.1.patch

pull request 16310 is merged in nodejs 9.2.0, so this is just the remaining changes from my nodejs-8.8.1-openssl-1.1-p2.patch for nodejs 9.2.0.
Comment 7 Mark Wright gentoo-dev 2017-12-17 08:33:56 UTC
Created attachment 510424 [details, diff]
nodejs-9.3.0-openssl-1.1.patch
Comment 8 Quentin Minster 2018-03-04 23:47:39 UTC
I may be missing something, but to me the `set_protocol_version()` function in your patch feels very wrong. All it seems to do is create a SSL_CTX, set its min/max protocol version, and delete it. If that was the intention, the SSL_METHOD passed as a parameter won't be affected at all by these calls.
Comment 9 Craig Andrews gentoo-dev 2018-10-26 16:32:47 UTC
I cannot reproduce this issue. Note that I'm using node 9.11.2 (7.x is no longer in Gentoo).

USE="openssl" emerge =net-libs/nodejs-9.11.2

Succeeds. I'm using dev-libs/openssl-1.1.1

I'm confident that this issue was solved by https://bugs.gentoo.org/592438#c5
Comment 10 Anton Bolshakov 2018-12-16 00:08:21 UTC
Unable to reproduce with 8.12.0 (current stable) either

amd64 mostly stable env
Comment 11 Vadim A. Misbakh-Soloviov (mva) 2018-12-17 08:59:02 UTC
It is 10.14.2 marked as LTS (aka "stable") by upstream ATM.
All <=9 versions are EOL.
And 10+ requires (?) openssl-1.1
Comment 12 Anton Bolshakov 2018-12-19 03:23:08 UTC
(In reply to Vadim A. Misbakh-Soloviov (mva) from comment #11)
> It is 10.14.2 marked as LTS (aka "stable") by upstream ATM.
> All <=9 versions are EOL.
> And 10+ requires (?) openssl-1.1

Thank you for the hint.

Quick note, 10+ ebuilds might be unnecessary strict and prevents building it against openssl-1.1.1*. Somebody with a better knowledge may want to investigate and correct the RDEPEND section