Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 26 Jun 2023 11:33:14 +0200
From:      Guido Falsi <mad@madpilot.net>
To:        Dimitry Andric <dim@FreeBSD.org>, FreeBSD Current <freebsd-current@freebsd.org>
Cc:        Ed Maste <emaste@freebsd.org>
Subject:   Re: OpenSSL 3.0 is in the tree
Message-ID:  <8c22a9ef-aa34-3175-2768-72bda6a24fd8@madpilot.net>
In-Reply-To: <7F74F4D7-77F6-478E-8D3A-9E705F363F5B@FreeBSD.org>
References:  <CAPyFy2CsxgfQh_Q7gjeDBjrNprfA_MMXgcnQfSmMSjx9-pRRUQ@mail.gmail.com> <7F74F4D7-77F6-478E-8D3A-9E705F363F5B@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 24/06/23 16:47, Dimitry Andric wrote:
> On 24 Jun 2023, at 16:22, Ed Maste <emaste@freebsd.org> wrote:
>>
>> Last night I merged OpenSSL 3.0 to main. This, along with the update
>> to Clang 16 and other recent changes may result in some challenges
>> over the next few days or weeks for folks following -CURRENT, such as
>> ports that need to be updated or unanticipated issues in the base
>> system.
>>
>> We need to get this work done so that we can continue moving on with
>> FreeBSD 14; I apologize for the trouble it might cause in the short
>> term. Please follow up to report any trouble you encounter.
> 
> Regarding affected ports, see also the llvm-16-update exp-run bug:
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271047
> 
> and similarly, the openssl 3.0 exp-run bug:
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271656
> 

Hi,

Thanks for your work on this, I understand and appreciate the importance 
of getting OpenSSL 3 in the tree.

I am trying to uupdate to the new head with openssl 3 and am observing 
something I did not expect.

Some ports are building fine but then failing at runtime. For example, 
security/pam_ssh_agent_auth fails at runtime when trying to use sudo 
(which uses this library via pam):

in try_dlopen(): /usr/local/lib/pam_ssh_agent_auth.so: (null): Undefined 
symbol "RSA_generate_key"

I see RSA_generate_key is deprecated, but should still be present in the 
library, I'm guessing there is some define or compile option I could 
enable in the port to make it work, but I'm failing to find the correct 
solution. Any help appreciated.


Anyway in general be warned that things are also failing at runtime in 
unexpected ways!


-- 
Guido Falsi <mad@madpilot.net>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8c22a9ef-aa34-3175-2768-72bda6a24fd8>