From owner-freebsd-elastic@freebsd.org Fri Nov 1 03:25:45 2019 Return-Path: Delivered-To: freebsd-elastic@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 65B491A20D9 for ; Fri, 1 Nov 2019 03:25:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4746yx25rbz4DZf for ; Fri, 1 Nov 2019 03:25:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 480401A20D8; Fri, 1 Nov 2019 03:25:45 +0000 (UTC) Delivered-To: elastic@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 47C641A20D7 for ; Fri, 1 Nov 2019 03:25:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4746yx1FTdz4DZc for ; Fri, 1 Nov 2019 03:25:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0E4A94F29 for ; Fri, 1 Nov 2019 03:25:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id xA13PifM057683 for ; Fri, 1 Nov 2019 03:25:44 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id xA13Pidl057623 for elastic@FreeBSD.org; Fri, 1 Nov 2019 03:25:44 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: elastic@FreeBSD.org Subject: [Bug 241312] sysutils/logstash6 Cipher Error Date: Fri, 01 Nov 2019 03:25:43 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: glewis@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: elastic@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-elastic@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Support of ElasticSearch-related ports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Nov 2019 03:25:45 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D241312 --- Comment #9 from Greg Lewis --- I need to get into this deeper, but some other potential concerns: * netty-tcnative looks like it will build native libraries against libressl, boringssl, and openssl. You can't have all of those installed at once from ports because they conflict with each other (boringssl doesn't list the conflict, but it clearly has it). So there are some gymnastics that would = need to happen there to allow the full netty-tcnative build to work. * The JAR in logstash isn't the full netty-tcnative JAR, it's the one linked against boringssl based on the name (netty-tcnative-boringssl-static-2.0.12.Final.jar). That's unfortunate in = that I'm guessing boringssl is the least likely of the three for someone to have installed (given the general state of the project and port). One question I have here, without knowing the answer yet, is whether LogSta= sh is doing anything that is specific to boringssl? My guess would be no, sin= ce the tc-native code allows all three libraries to potentially be used as the native component. If that is the case, then it might be possible to build a native library for FreeBSD using whatever SSL lib is set as the default or maybe ignore ports altogether and build it against the system installed version. The dependen= cy on apr might mean we have to use the version in ports though, I haven't che= cked into that. Were that the case, it might make more sense to do it within the LogStash port and just build that library and add it into the JAR rather th= an attempt a general netty-tcnative port since that is going to have problems. Is someone either able to test or willing to share configuration files and testing steps if I were to try and put something like that together? --=20 You are receiving this mail because: You are the assignee for the bug.=