Date: Fri, 29 Jul 2016 12:09:52 +0200 From: Bertram Scharpf <lists@bertram-scharpf.de> To: freebsd-hackers@freebsd.org Subject: Re: Segfault in OpenSSL even though GnuTLS demanded Message-ID: <20160729100952.GA4967@becker.bs.l> In-Reply-To: <7483738d-01e7-0bb2-81e9-9c26d8ef8c9f@FreeBSD.org> References: <20160728180255.GA79509@becker.bs.l> <599ca93e-31ed-fcb4-75de-7d05667d928e@FreeBSD.org> <20160728205516.GA94239@becker.bs.l> <b88fc3be-c10a-70b1-c985-f560ad86ecc0@FreeBSD.org> <20160728213717.GA98586@becker.bs.l> <7483738d-01e7-0bb2-81e9-9c26d8ef8c9f@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday, 28. Jul 2016, 17:56:46 -0400, Jung-uk Kim wrote: > On 07/28/16 05:37 PM, Bertram Scharpf wrote: > > On Thursday, 28. Jul 2016, 17:25:50 -0400, Jung-uk Kim wrote: > >> On 07/28/16 04:55 PM, Bertram Scharpf wrote: > >>> On Thursday, 28. Jul 2016, 15:37:00 -0400, Jung-uk Kim wrote: > >>>> On 07/28/16 02:02 PM, Bertram Scharpf wrote: > >>>>> > >>>>> Program received signal SIGSEGV, Segmentation fault. > >>>>> [Switching to Thread 29403080 (LWP 101275/mcabber)] > >>>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8 > >>>> > >>>> Try "ldd /usr/local/lib/libloudmouth-1.so.0.1.0". It looks like a > >>>> Kerberos issue. > >>> > >>> No errors. They do all exist. I double-checked it: > >>> > >>> $ ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | perl -lne '/=>\s*(\S+)/ and not -e $1 and print $1' > >> > >> I guess you misunderstood. I didn't mean you have a missing library. I > >> believe it links *two* libcrypto.so's, i.e., one from base and one from > >> ports. > > > > Indeed: > > > > # ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | grep libcrypto > > libcrypto.so.8 => /usr/local/lib/libcrypto.so.8 (0x28d00000) > > libcrypto.so.7 => /lib/libcrypto.so.7 (0x2925b000) > > > > So, how could I resolve this? > You may ask its maintainer (gnome@FreeBSD.org) to add USES+=gssapi and > add an option to select GSS-API from ports. Another solution may be > removing all packages depending on /usr/local/lib/libcrypto.8 and > rebuilding them with base OpenSSL. I cannot remove _all_ packages that depend on OpenSSL. # pkg info -qr openssl-1.0.2_14 | wc -l 38 The first thing I do not understand is why it is so important for so many packages to pull in the package. # openssl version OpenSSL 1.0.1t-freebsd 3 May 2016 # /usr/local/bin/openssl version WARNING: can't open config file: /usr/local/openssl/openssl.cnf OpenSSL 1.0.2h 3 May 2016 The second thing I do not understand is why GSS-API should help. I searched for USES+=gssapi and did find only four projects that really have it. None of them is installed here. $ rbfind /usr/ports 'prune if name == "work" ; name == "Makefile" and grep /\bUSES.*gssapi/' Many ports have GSSAPI disabled here and they do not segfault because of an OpenSSL conflict. Example: # grep -h 'SET.*GSS' /var/db/ports/databases_postgresql95-*/options OPTIONS_FILE_UNSET+=GSSAPI OPTIONS_FILE_UNSET+=GSSAPI The third thing I do not understand is why there is an OpenSSL conflict at all. I definitely told loudmouth to use GnuTLS. # grep SSL\\\|TLS /var/db/ports/net-im_loudmouth/options _FILE_COMPLETE_OPTIONS_LIST=DOCS GNUTLS OPENSSL OPTIONS_FILE_SET+=GNUTLS OPTIONS_FILE_UNSET+=OPENSSL # cd net-im/loudmouth # make run-depends-list build-depends-list | grep ssl\\\|tls /usr/ports/security/gnutls /usr/ports/security/gnutls This appears to be a real port bug to me. Bertram -- Bertram Scharpf Stuttgart, Deutschland/Germany http://www.bertram-scharpf.de
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160729100952.GA4967>