Date: Fri, 10 Apr 2015 17:07:09 +1000 From: Dewayne Geraghty <dewayne.geraghty@heuristicsystems.com.au> To: freebsd-ports@freebsd.org Subject: Re: openssl and bash libcrypto Message-ID: <5527769D.3060505@heuristicsystems.com.au> In-Reply-To: <55272BC5.8090805@ish.com.au> References: <552657AC.1020802@ish.com.au> <55271AB5.8020907@ish.com.au> <CABgom6fORDqZUg8HvHLCMuRFVtSxvEF0U0jFvBRKJUm%2BKmJ6Sw@mail.gmail.com> <55272BC5.8090805@ish.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/04/2015 11:47 AM, Aristedes Maniatis wrote: > Dewayne Geraghty wrote: >> Most likely there was a port build that required openssl port, and also required >> something like libarchive or libfetch (for example), both require openssl base >> (I've found net-mgmt/net-snmp does this). Your bt reveals that the symbol table >> is confused, as expected. > Ah, that's a good help. So I can easily core dump /usr/bin/vi by trying to edit any file. Forgive my ignorance of C debugging, but I'll stumble through this: > > 1. I attach gdb to the application and load the core dump. > 2. It tries to read symbols from a bunch of system libraries. > 3. In amongst all those libraries are some located in /usr/local: > > /usr/local/lib/nss_ldap.so.1 > /usr/local/lib/libldap-2.4.so.2 > /usr/local/lib/liblber-2.4.so.2 > /usr/local/lib/libssl.so.8 > /usr/local/lib/libcrypto.so.8 > > So the whole chain of problems originates from nss_ldap. But I'm confused about what I'm looking at here.. > > Did vi try to load some access control library when it tried to write a file out to disk, and then that loaded nsswitch which in turn I've tied into the nss_ldap port, and then from there it was a slippery slope to disaster of conflicting libraries? > > I'll try building nss_ldap against base openssl and see if that helps, but can someone help explain the naming here. Why do we have /usr/local/lib/libcrypto.so.8 but lib/libcrypto.so.7. Was this done when the openssl port moved from 1.0.1 to 1.0.2? Isn't there usually a warning in UPDATING when we need to rebuild all ports for that reason? > > If all ports move to only use openssl from ports, then how does my example above get fixed? Doesn't it make it all worse? > > > So many questions! Thanks for all the help in understanding this. > > Ari > > Ari, Anything under /usr/local/ should be regarded as coming from /usr/ports - that is, it is *not* part of the base system. /lib and /usr/lib are part of the base system. If your system is crashing due to /usr/bin/vi which is part of the base system, then something is very wrong with the system. I'm guessing but is it possible that you've installed 32 libs onto a 64 base system, or the other way around? I can't see how vi needs anything under /usr/local, as its from the "base" system - so I guess others may need to step up to assist. Regards, Dewayne
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5527769D.3060505>