Error compiling NTPv4 for ARM with OpenSSL

Question

The error is along the lines of "ntp_crypto.c:2248:2: error: unknown type name 'DSA_SIG'; did you mean 'ECDSA_SIG'?"

make fails with the following output:

tp_crypto.c: In function 'crypto_alice':
ntp_crypto.c:2188:13: warning: implicit declaration of function 'EVP_PKEY_get0_DSA'; did you mean 'EVP_PKEY_get0_RSA'? [-Wimplicit-function-declaration]
if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
         ^~~~~~~~~~~~~~~~~

         EVP_PKEY_get0_RSA


ntp_crypto.c:2188:11: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
       ^


ntp_crypto.c:2199:2: warning: implicit declaration of function 'DSA_get0_pqg'; did you mean 'DH_get0_pqg'? [-Wimplicit-function-declaration]
DSA_get0_pqg(dsa, NULL, &q, NULL);
^~~~~~~~~~~~
DH_get0_pqg
ntp_crypto.c: In function 'crypto_bob':
ntp_crypto.c:2248:2: error: unknown type name 'DSA_SIG'; did you mean 'ECDSA_SIG'?
DSA_SIG sdsa;  / DSA signature context fake */
^~~~~~~
ECDSA_SIG
ntp_crypto.c:2266:6: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
dsa = EVP_PKEY_get0_DSA(iffkey_info->pkey);
  ^


ntp_crypto.c:2268:2: warning: implicit declaration of function 'DSA_get0_key'; did you mean 'RSA_get0_key'? [-Wimplicit-function-declaration]
DSA_get0_key(dsa, NULL, &priv_key);
^~~~~~~~~~~~
RSA_get0_key
ntp_crypto.c:2287:9: warning: implicit declaration of function 'DSA_SIG_new'; did you mean 'ECDSA_SIG_new'? [-Wimplicit-function-declaration]
sdsa = DSA_SIG_new();
     ^~~~~~~~~~~

     ECDSA_SIG_new


ntp_crypto.c:2287:7: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
sdsa = DSA_SIG_new();
   ^


ntp_crypto.c:2294:2: warning: implicit declaration of function 'DSA_SIG_set0'; did you mean 'ECDSA_SIG_set0'? [-Wimplicit-function-declaration]
DSA_SIG_set0(sdsa, bn, bk);
^~~~~~~~~~~~
ECDSA_SIG_set0
ntp_crypto.c:2299:3: warning: implicit declaration of function 'DSA_print_fp'; did you mean 'RSA_print_fp'? [-Wimplicit-function-declaration]
DSA_print_fp(stdout, dsa, 0);
^~~~~~~~~~~~
RSA_print_fp
ntp_crypto.c:2306:8: warning: implicit declaration of function 'i2d_DSA_SIG'; did you mean 'i2d_ECDSA_SIG'? [-Wimplicit-function-declaration]
len = i2d_DSA_SIG(sdsa, NULL);
    ^~~~~~~~~~~

    i2d_ECDSA_SIG


ntp_crypto.c:2310:3: warning: implicit declaration of function 'DSA_SIG_free'; did you mean 'ECDSA_SIG_free'? [-Wimplicit-function-declaration]
DSA_SIG_free(sdsa);
^~~~~~~~~~~~
ECDSA_SIG_free
ntp_crypto.c: In function 'crypto_iff':
ntp_crypto.c:2363:2: error: unknown type name 'DSA_SIG'; did you mean 'ECDSA_SIG'?
DSA_SIG sdsa;  / DSA parameters */
^~~~~~~
ECDSA_SIG
ntp_crypto.c:2385:11: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
       ^


ntp_crypto.c:2400:14: warning: implicit declaration of function 'd2i_DSA_SIG'; did you mean 'd2i_ECDSA_SIG'? [-Wimplicit-function-declaration]
if ((sdsa = d2i_DSA_SIG(NULL, &ptr, len)) == NULL) {
          ^~~~~~~~~~~

          d2i_ECDSA_SIG


ntp_crypto.c:2400:12: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
if ((sdsa = d2i_DSA_SIG(NULL, &ptr, len)) == NULL) {
        ^


ntp_crypto.c:2412:2: warning: implicit declaration of function 'DSA_SIG_get0'; did you mean 'ECDSA_SIG_get0'? [-Wimplicit-function-declaration]
DSA_SIG_get0(sdsa, &r, &s);
^~~~~~~~~~~~
ECDSA_SIG_get0
ntp_crypto.c: In function 'crypto_bob2':
ntp_crypto.c:2578:2: error: unknown type name 'DSA_SIG'; did you mean 'ECDSA_SIG'?
DSA_SIG sdsa;  / DSA parameters */
^~~~~~~
ECDSA_SIG
ntp_crypto.c:2616:7: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
sdsa = DSA_SIG_new();
   ^


ntp_crypto.c: In function 'crypto_gq':
ntp_crypto.c:2686:2: error: unknown type name 'DSA_SIG'; did you mean 'ECDSA_SIG'?
DSA_SIG sdsa;  / RSA signature context fake */
^~~~~~~
ECDSA_SIG
ntp_crypto.c:2726:12: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
if ((sdsa = d2i_DSA_SIG(NULL, &ptr, len)) == NULL) {
        ^


ntp_crypto.c: In function 'crypto_alice3':
ntp_crypto.c:2862:11: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
       ^


ntp_crypto.c: In function 'crypto_bob3':
ntp_crypto.c:2940:6: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
dsa = EVP_PKEY_get0_DSA(mvkey_info->pkey);
  ^


ntp_crypto.c:2962:9: warning: implicit declaration of function 'DSA_new'; did you mean 'RSA_new'? [-Wimplicit-function-declaration]
sdsa = DSA_new();
     ^~~~~~~

     RSA_new


ntp_crypto.c:2962:7: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
sdsa = DSA_new();
   ^


ntp_crypto.c:2975:2: warning: implicit declaration of function 'DSA_set0_key'; did you mean 'RSA_set0_key'? [-Wimplicit-function-declaration]
DSA_set0_key(sdsa, BN_dup(pub_key), NULL);
^~~~~~~~~~~~
RSA_set0_key
ntp_crypto.c:2976:2: warning: implicit declaration of function 'DSA_set0_pqg'; did you mean 'DH_set0_pqg'? [-Wimplicit-function-declaration]
DSA_set0_pqg(sdsa, sp, sq, sg);
^~~~~~~~~~~~
DH_set0_pqg
ntp_crypto.c:2991:8: warning: implicit declaration of function 'i2d_DSAparams'; did you mean 'i2d_DHxparams'? [-Wimplicit-function-declaration]
len = i2d_DSAparams(sdsa, NULL);
    ^~~~~~~~~~~~~

    i2d_DHxparams


ntp_crypto.c:2995:3: warning: implicit declaration of function 'DSA_free'; did you mean 'RSA_free'? [-Wimplicit-function-declaration]
DSA_free(sdsa);
^~~~~~~~
RSA_free
ntp_crypto.c: In function 'crypto_mv':
ntp_crypto.c:3060:11: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
       ^


ntp_crypto.c:3077:14: warning: implicit declaration of function 'd2i_DSAparams'; did you mean 'd2i_DHxparams'? [-Wimplicit-function-declaration]
if ((sdsa = d2i_DSAparams(NULL, &ptr, len)) == NULL) {
          ^~~~~~~~~~~~~

          d2i_DHxparams


ntp_crypto.c:3077:12: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
if ((sdsa = d2i_DSAparams(NULL, &ptr, len)) == NULL) {

These are the headers for ntp_crypto.c:

/*
 * ntp_crypto.c - NTP version 4 public key routines
 */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifdef AUTOKEY
#include <stdio.h>
#include <stdlib.h> /* strtoul */
#include <sys/types.h>
#include <sys/param.h>
#include <unistd.h>
#include <fcntl.h>
#include "ntpd.h"
#include "ntp_stdlib.h"
#include "ntp_unixtime.h"
#include "ntp_string.h"
#include "ntp_random.h"
#include "ntp_assert.h"
#include "ntp_calendar.h"
#include "ntp_leapsec.h"
#include <openssl/dsa.h>
#include "openssl/asn1.h"
#include "openssl/bn.h"
#include "openssl/crypto.h"
#include "openssl/err.h"
#include "openssl/evp.h"
#include "openssl/opensslv.h"
#include "openssl/pem.h"
#include "openssl/rand.h"
#include "openssl/x509.h"
#include "openssl/x509v3.h"
#include "libssl_compat.h"
#ifdef KERNEL_PLL
#include "ntp_syscall.h"
#endif /* KERNEL_PLL */

I am using OpenSSL v1.1.1

This is the ./configure options:

#!/bin/sh
Configure software package.
configure()
{
cd $packageDir
./bootstrap
./configure --host=arm-linux --with-yielding-select=yes  --with-crypto=openssl --enable-linuxcaps \
    --with-openssl-incdir=$OPENSSL_DIR/install-arm/include/ \

    --with-openssl-libdir=$OPENSSL_DIR/install-arm/lib/ \




return $?
}

Answer 1

See Bug #3756 in NTP Bugzilla.

Brian Utterback 2022-02-10 16:34:50 UTC

NTP needs OpenSSL version 1.0.2, which is no longer supported. Version 1.1.1 is only going to be supported for one more year. It needs to be updated to use 3.0.

The bug status is IN_PROGRESS, but no further notes have been written. This suggests the stable version of NTPv4 still requires OpenSSL 1.0.2, which is obsolete. Your problems might originate from the differences between OpenSSL 1.0.2 and 1.1.1, or perhaps your installed version of OpenSSL has been built with the deprecated DSA algorithm completely disabled.

It seems that the development of NTPv4 (the software suite) has stalled since June 2020, and e.g. RedHat seems to prefer chronyd these days. The developer info page says the source code should be at Github, but I see no recent activity there at all, and the links on the NTPv4 Bugzilla front page offer a development release from 2019 and a stable release from 2020, which are both newer than the contents of the Git repository.