For a variety of reasons, we prefer to compile our own CFEngine (Community Edition) packages. It does not seem to compile cleanly against the OpenSSL version found in CentOS 9, RHEL 9, and Ubuntu 22.04.
Is there a workaround or do I need to start building (and bundling) a specific version of OpenSSL along with the agent binaries?
[user@test-cent9 cfengine-3.18.1]$ openssl version
OpenSSL 3.0.1 14 Dec 2021 (Library: OpenSSL 3.0.1 14 Dec 2021)
Compile errors:
In file included from hash.c:33:
./hash.h:64:28: error: unknown type name ‘RSA’
64 | Hash *HashNewFromKey(const RSA *rsa, HashMethod method);
| ^~~
./hash.h:163:23: error: unknown type name ‘RSA’
163 | void HashPubKey(const RSA *key, unsigned char digest[EVP_MAX_MD_SIZE + 1], HashMethod type);
| ^~~
hash.c:214:28: error: unknown type name ‘RSA’
214 | Hash *HashNewFromKey(const RSA *rsa, HashMethod method)
| ^~~
hash.c: In function ‘HashNewFromKey’:
hash.c:226:5: error: implicit declaration of function ‘RSA_get0_key’ [-Werror=implicit-function-declaration]
226 | RSA_get0_key(rsa, &n, &e, NULL);
| ^~~~~~~~~~~~
hash.c: At top level:
hash.c:531:11: error: unknown type name ‘RSA’
531 | const RSA *const key,
| ^~~
cc1: some warnings being treated as errors
make[4]: *** [Makefile:618: hash.lo] Error 1
make[3]: *** [Makefile:624: all-recursive] Error 1
make[2]: *** [Makefile:531: all] Error 2
make[1]: *** [Makefile:711: all-recursive] Error 1
make: *** [Makefile:600: all] Error 2