Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at
Bug 1383651 - perl-Crypt-OpenSSL-DSA-0.15-5.fc26 FTBFS: dereferencing pointer to incomplete type 'DSA {aka struct dsa_st}'
Summary: perl-Crypt-OpenSSL-DSA-0.15-5.fc26 FTBFS: dereferencing pointer to incomplete...
Alias: None
Product: Fedora
Classification: Fedora
Component: perl-Crypt-OpenSSL-DSA
Version: rawhide
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Petr Pisar
QA Contact: Fedora Extras Quality Assurance
Depends On:
Blocks: 1383740
TreeView+ depends on / blocked
Reported: 2016-10-11 11:21 UTC by Petr Pisar
Modified: 2016-11-01 08:49 UTC (History)
2 users (show)

Fixed In Version: perl-Crypt-OpenSSL-DSA-0.15-7.fc26
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2016-11-01 08:49:32 UTC
Type: Bug

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
CPAN 118346 0 None None None 2016-10-12 09:29:32 UTC

Description Petr Pisar 2016-10-11 11:21:17 UTC
perl-Crypt-OpenSSL-DSA-0.15-5.fc26 fails to build in F25:

gcc -c   -D_REENTRANT -D_GNU_SOURCE -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fwrapv -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -g   -DVERSION=\"0.15\" -DXS_VERSION=\"0.15\" -fPIC "-I/usr/lib64/perl5/CORE"  -DPERL5 DSA.c
DSA.xs: In function 'XS_Crypt__OpenSSL__DSA_get_p':
DSA.xs:264:28: error: dereferencing pointer to incomplete type 'DSA {aka struct dsa_st}'
         len = BN_bn2bin(dsa->p, to);

This is caused by upgrading openssl from 1:1.0.2j-1.fc26 to 1:1.1.0b-1.fc26.

Comment 1 Petr Pisar 2016-10-14 11:14:40 UTC
I posted a fix to the upstream bug report.

Comment 2 Petr Pisar 2016-10-27 08:25:21 UTC
No reply from upstream in two weeks. I will apply it into Fedora.

Comment 3 Petr Pisar 2016-11-01 07:27:15 UTC
After applying the fix, perl-Net-DNS-SEC tests fail in:

    my $dsa = Crypt::OpenSSL::DSA->new();           # private key

    $dsa->set_p( decode_base64 $private->prime );
    $dsa->set_q( decode_base64 $private->subprime );
    $dsa->set_g( decode_base64 $private->base );

→   $dsa->set_priv_key( decode_base64 $private->private_value );

With message:

Could not set a key at lib/Net/DNS/SEC/ line 75.
signature generation failed at t/10-keyset.t line 112.

Comment 4 Petr Pisar 2016-11-01 08:49:32 UTC
The issue is new OpenSSL does support setting a private key before a public key. I added a code that allows it on the XS level.

Note You need to log in before you can comment on or make changes to this bug.