From owner-freebsd-current@freebsd.org Sun Oct 14 12:36:40 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 88B1310D2526 for ; Sun, 14 Oct 2018 12:36:40 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from smtp-out-so.shaw.ca (smtp-out-so.shaw.ca [64.59.136.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id C9CFB86705; Sun, 14 Oct 2018 12:36:39 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from spqr.komquats.com ([70.67.125.17]) by shaw.ca with ESMTPA id BfdFgK5rS5HxqBfdGgQwmp; Sun, 14 Oct 2018 06:36:31 -0600 X-Authority-Analysis: v=2.3 cv=BMcHU2YG c=1 sm=1 tr=0 a=VFtTW3WuZNDh6VkGe7fA3g==:117 a=VFtTW3WuZNDh6VkGe7fA3g==:17 a=kj9zAlcOel0A:10 a=smKx5t2vBNcA:10 a=6I5d2MoRAAAA:8 a=YxBL1-UpAAAA:8 a=Ltv5E9xKY62GVMKN4rsA:9 a=CjuIK1q_8ugA:10 a=IjZwj45LgO3ly-622nXo:22 a=Ia-lj3WSrqcvXOmTRaiG:22 Received: from slippy.cwsent.com (slippy8 [10.2.2.6]) by spqr.komquats.com (Postfix) with ESMTPS id 85B831B3B; Sun, 14 Oct 2018 05:36:28 -0700 (PDT) Received: from slippy.cwsent.com (localhost [127.0.0.1]) by slippy.cwsent.com (8.15.2/8.15.2) with ESMTP id w9ECaSR9007763; Sun, 14 Oct 2018 05:36:28 -0700 (PDT) (envelope-from Cy.Schubert@cschubert.com) Received: from slippy (cy@localhost) by slippy.cwsent.com (8.15.2/8.15.2/Submit) with ESMTP id w9ECaSHd007740; Sun, 14 Oct 2018 05:36:28 -0700 (PDT) (envelope-from Cy.Schubert@cschubert.com) Message-Id: <201810141236.w9ECaSHd007740@slippy.cwsent.com> X-Authentication-Warning: slippy.cwsent.com: cy owned process doing -bs X-Mailer: exmh version 2.8.0 04/21/2012 with nmh-1.7.1 Reply-to: Cy Schubert From: Cy Schubert X-os: FreeBSD X-Sender: cy@cwsent.com X-URL: http://www.cschubert.com/ To: Daniel Eischen cc: Cy Schubert , Don Lewis , FreeBSD current , re@FreeBSD.org Subject: Re: OpenSSL 1.1.1 libssl.so version number In-Reply-To: Message from Daniel Eischen of "Sat, 13 Oct 2018 14:02:37 -0400." <0F7EB379-8C52-478A-AA5A-AC4257E5B70A@freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 14 Oct 2018 05:36:28 -0700 X-CMAE-Envelope: MS4wfO7aB46SU6y6wOJLCoy/jIvQJjuxofHrQLA0eEITEluEvChE9sNpAOK3ZYnoXyoGvJ0Ux3Paq5fvfErRumap6LWeoCg4h9hXcHR07G/2pLUy9Dvj/ve3 fuXHLp1lTFtd2v2FZ0HU/FQG1SLlqOvc3BFHOGSgEcWFaMSjQf8bQ4YQfOH34pDxlDmT/iRUUPXYpz24kCRcgGvR+TIlPAvoqif+3apvKgQ4Zs1SDnHKIS7N vUxcDKBkINTfBwfrNqf8Vua8JZY1NBGdc1ZvjPtXIIM= X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Oct 2018 12:36:40 -0000 In message <0F7EB379-8C52-478A-AA5A-AC4257E5B70A@freebsd.org>, Daniel Eischen w rites: > > > > On Oct 12, 2018, at 10:58 PM, Cy Schubert wrote > : > > > > In message , Don Lewis writes: > >> Prior to the OpenSSL 1.1.1 import, the base OpenSSL library was > >> /usr/lib/libssl.so.8. The security/openssl port (1.0.2p) installed > >> ${LOCALBASE}/lib/ilbssl.so.9 and the security/openssl-devel port > >> (1.1.0i) installed ${LOCALBASE}/lib/libssl.so.11. After the import, the > >> base OpenSSL library is /usr/lib/libssl.so.9. Now if you build ports > >> with DEFAULT_VERSIONS+=ssl=openssl, the library that actually gets used > >> is ambiguous because there are now two different versions of libssl.so > >> (1.0.2p and 1.1.1) with the same shared library version number. > >> > >> I stumbled across this when debugging a virtualbox-ose configure > >> failure. The test executable was linked to the ports version of > >> libssl.so but rtld chose the base libssl.so at run time. > > > > This is also the issue with ports-mgmt/pkg on a system that still > > requires OpenSSL 1.0.2 from ports in order to support an old client. > > > > cwfw# pkg info > > ld-elf.so.1: /usr/local/lib/libcrypto.so.9: version OPENSSL_1_1_0 > > required by /usr/local/lib/libpkg.so.4 not defined > > cwfw# > > > > If I remove security/openssl, the above issue is resolved however the > > old client, which should be replaced next year, fails to communicate > > with the server. The classic rock & a hard place scenario. > > Not saying this is a real solution for the general problem, but can you use a > libmap.conf entry to work around this? I tried using the path1 path2 form. No joy there. -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few.