Date: Fri, 26 Oct 2018 14:13:57 -0400 From: Oleg Lelchuk <oleglelchuk@gmail.com> To: ronald-lists@klop.ws Cc: freebsd-current@freebsd.org Subject: Re: HEADS-UP: OpenSSL 1.1.1 in 12.0 Message-ID: <CA%2BGqWgtdRhS_R8qZdSG7_pPPzuvj3k1uNHk74rYM2QsugCW6KA@mail.gmail.com> In-Reply-To: <op.zqtbl0tekndu52@sjakie> References: <20181009213425.GG61558@FreeBSD.org> <346b8805-f4d3-dc90-c882-d72f640b6a5c@protected-networks.net> <da38b23c14ec5621ec89eb3088b68650@clogic.com.ua> <tkrat.ccd58adb13e2fbcf@FreeBSD.org> <tkrat.f1e337e82cc1af19@FreeBSD.org> <tkrat.e4370d04ebd19b25@FreeBSD.org> <op.zqtbl0tekndu52@sjakie>
next in thread | previous in thread | raw e-mail | index | archive | help
libtorrent still can't be built with the new openssl On Sat, Oct 13, 2018 at 4:40 AM Ronald Klop <ronald-lists@klop.ws> wrote: > On Sat, 13 Oct 2018 02:00:16 +0200, Don Lewis <truckman@freebsd.org> > wrote: > > > On 11 Oct, Don Lewis wrote: > >> On 11 Oct, Don Lewis wrote: > >>> On 11 Oct, freebsd.current@clogic.com.ua wrote: > >>>> On 2018-10-10 06:14, Michael Butler wrote: > >>>>> On 10/9/18 5:34 PM, Glen Barber wrote: > >>>>>> OpenSSL has been updated to version 1.1.1 as of r339270. > >>>>>> > >>>>>> It is important to rebuild third-party packages before running: > >>>>>> > >>>>>> # make -C /usr/src delete-old && make -C /usr/src delete-old-libs > >>>>>> > >>>>>> Thank you for your patience while this work was in progress, and > >>>>>> thank > >>>>>> you to all involved for their hard work in getting things ready for > >>>>>> this > >>>>>> update. > >>>>> > >>>>> So far, I've found two ports that will no longer build. They are: > >>>>> > >>>>> net-mgmt/net-snmp > >>>>> security/opencryptoki > >>>>> > >>>>> I simply chose those that were linked to /usr/lib/libssl.so.8 where > >>>>> the > >>>>> openssl update creates libssl.so.9. There may be more I haven't found > >>>>> yet, > >>>>> > >>>>> imb > >>>> > >>>> You always can add DEFAULT_VERSIONS+=ssl=openssl to /etc/make.conf to > >>>> use openssl from ports. > >>>> Anyway, I think apps from ports need to use openssl from ports. > >>> > >>> I've been doing this for a long time, but I still see a fair amount of > >>> breakage with the new base OpenSSL. I suspect that some ports are > >>> incorrectly stumbling across the new bits in base even though they > >>> shouldn't be looking there. > >> > >> security/p5-Net-SSLeay is hardwired to use base OpenSSL, so changing the > >> default version can't be done to unbreak p5-IO-Socket-SSL. > >> > >> devel/libsoup appears to allow the OpenSSL version to be set, but > >> doesn't > >> have an option for GSSAPI, so it attempts to use base GSSAPI with ports > >> OpenSSL which is not a valid combo. > >> > >> emulators/virtualbox-ose is hardwired to use base OpenSSL. > > > > I now think the problem with virtualbox-ose is not the port. Rather it > > is the fact that that the base libssl.so and the libssl.so installed by > > the security/openssl have the same shared library version number even > > though they are radically different OpenSSL versions. > > > I added this to libmap.conf: > cat /etc/libmap.conf > # $FreeBSD: head/libexec/rtld-elf/libmap.conf 338741 2018-09-18 00:25:00Z > brd $ > includedir /usr/local/etc/libmap.d > libssl.so.8 libssl.so.9 > libcrypto.so.8 libcrypto.so.9 > > This made pkg run again. And now I'm waiting for the next pkg build to > run > pkg upgrade -f and upgrade everything. > I guess that will solve all issues. > > Ronald. > _______________________________________________ > freebsd-current@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BGqWgtdRhS_R8qZdSG7_pPPzuvj3k1uNHk74rYM2QsugCW6KA>