From owner-freebsd-questions@FreeBSD.ORG  Mon Jan 16 05:34:19 2012
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CE4A1106566B
	for <freebsd-questions@freebsd.org>;
	Mon, 16 Jan 2012 05:34:19 +0000 (UTC)
	(envelope-from Devin.Teske@fisglobal.com)
Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190])
	by mx1.freebsd.org (Postfix) with ESMTP id 876B48FC08
	for <freebsd-questions@freebsd.org>;
	Mon, 16 Jan 2012 05:34:19 +0000 (UTC)
Received: from pps.filterd (ltcfislmsgpa06 [127.0.0.1])
	by ltcfislmsgpa06.fnfis.com (8.14.4/8.14.4) with SMTP id q0G5PrEA010646
	for <freebsd-questions@freebsd.org>; Sun, 15 Jan 2012 23:34:18 -0600
Received: from smtp.fisglobal.com ([10.132.206.31])
	by ltcfislmsgpa06.fnfis.com with ESMTP id 12c8g5139n-1
	(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT)
	for <freebsd-questions@freebsd.org>; Sun, 15 Jan 2012 23:34:18 -0600
Received: from [10.0.0.104] (10.14.152.28) by smtp.fisglobal.com
	(10.132.206.31) with Microsoft SMTP Server (TLS) id 14.1.323.3;
	Sun, 15 Jan 2012 23:34:17 -0600
MIME-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Devin Teske <devin.teske@fisglobal.com>
In-Reply-To: <B010B97F-3C13-480E-BF1C-B1030BFD5E8E@fisglobal.com>
Date: Sun, 15 Jan 2012 21:34:15 -0800
Content-Transfer-Encoding: quoted-printable
Message-ID: <20FEFC1E-0A83-4365-900E-64B6FC49835D@fisglobal.com>
References: <2F8A82E5-70D7-4A1F-A785-704F41E7DFDA@fisglobal.com>
	<3489DCF5-0E1F-4F6B-A924-772F6F7B2E18@fisglobal.com>
	<12FE05E5-A149-43D8-A910-8765B732FE8D@fisglobal.com>
	<AED014DD-D87C-46C1-8985-85021082A82F@fisglobal.com>
	<8A9F4627-EE7A-454E-8D6E-B52320F29E24@fisglobal.com>
	<0BE673CC-3BF9-469A-9CF1-E16E89F75030@fisglobal.com>
	<B010B97F-3C13-480E-BF1C-B1030BFD5E8E@fisglobal.com>
To: Devin Teske <devin.teske@fisglobal.com>
X-Mailer: Apple Mail (2.1084)
X-Originating-IP: [10.14.152.28]
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.5.7110, 1.0.211,
	0.0.0000
	definitions=2012-01-16_01:2012-01-13, 2012-01-16,
	1970-01-01 signatures=0
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>,
	Dave Robison <Dave.Robison@fisglobal.com>
Subject: [SOLVED] Re: buildworld -DWITHOUT_OPENSSL fails at
	usr.sbin/wpa/wpa_supplicant (all) (was usr.sbin/wpa/hostapd
	(depend) (was: lib/libbsnmp/libbsnmp (all) (was:
	lib/libarchive (depend))))
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Jan 2012 05:34:19 -0000


On Jan 15, 2012, at 7:28 PM, Devin Teske wrote:

>=20
> On Jan 15, 2012, at 5:57 PM, Devin Teske wrote:
>=20
>>=20
>> On Jan 15, 2012, at 10:43 AM, Devin Teske wrote:
>>=20
>>>=20
>>> On Jan 15, 2012, at 10:11 AM, Devin Teske wrote:
>>>> On Jan 13, 2012, at 7:28 PM, Devin Teske wrote:
>>>>> Trying to buildworld in RELENG_9 with -DWITHOUT_OPENSSL and getting f=
ailures.
>>>>>=20
>>>>> First failure we encountered required the following patch to get past=
 "lib/libarchive (depend)"...
>>>>>=20
>>>>>>=20
>>>>>> --- lib/libarchive/config_freebsd.h.orig	2012-01-05 03:44:55.0000000=
00 -0800
>>>>>> +++ lib/libarchive/config_freebsd.h	2012-01-13 18:43:46.000000000 -0=
800
>>>>>> @@ -176,9 +176,4 @@
>>>>>> #define	ARCHIVE_HASH_SHA256_OPENSSL 1
>>>>>> #define	ARCHIVE_HASH_SHA384_OPENSSL 1
>>>>>> #define	ARCHIVE_HASH_SHA512_OPENSSL 1
>>>>>> -#else
>>>>>> -#define	ARCHIVE_HASH_MD5_LIBC 1
>>>>>> -#define	ARCHIVE_HASH_SHA1_LIBC 1
>>>>>> -#define	ARCHIVE_HASH_SHA256_LIBC 1
>>>>>> -#define	ARCHIVE_HASH_SHA512_LIBC 1
>>>>>> #endif
>>>>>>=20
>>>>>> The above patch allowed the mkdep to succeed and later-compilation i=
n the same directory succeeded (yay).
>>>>>=20
>>>>> However, you don't get far before the next error.
>>>>>=20
>>>>> Making all in lib/libbsnmp/libbsnmp with -DWITHOUT_OPENSSL...
>>>>>=20
>>>>> cc  -I/usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib -DHAV=
E_ERR_H -DHAVE_GETADDRINFO -DHAVE_STRLCPY -DHAVE_STDINT_H -DHAVE_INTTYPES_H=
 -DQUADFMT=3D'"llu"' -DQUADXFMT=3D'"llx"' -std=3Dgnu99 -fstack-protector -W=
system-headers -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prot=
otypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwri=
te-strings -Wswitch -Wshadow -Wunused-parameter -Wcast-align -Wchar-subscri=
pts -Winline -Wnested-externs -Wredundant-decls -Wold-style-definition -Wno=
-pointer-sign -c /usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/=
snmpcrypto.c
>>>>> /usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmpcrypto.=
c:371: error: conflicting types for 'snmp_passwd_to_keys'
>>>>> /usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmp.h:273:=
 error: previous declaration of 'snmp_passwd_to_keys' was here
>>>>> /usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmpcrypto.=
c:384: error: conflicting types for 'snmp_get_local_keys'
>>>>> /usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmp.h:274:=
 error: previous declaration of 'snmp_get_local_keys' was here
>>>>>=20
>>>>=20
>>>> The solution to this appears to be the following patch:
>>>>=20
>>>> =3D=3D=3D=3D=3D=3D=3D=3D=3D BEGIN PATCH =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>>>> --- contrib/bsnmp/lib/snmpcrypto.c.orig	2011-09-22 17:51:37.000000000 =
-0700
>>>> +++ contrib/bsnmp/lib/snmpcrypto.c	2012-01-15 09:49:27.000000000 -0800
>>>> @@ -366,7 +366,7 @@ snmp_pdu_decrypt(const struct snmp_pdu *
>>>> 	return (SNMP_CODE_OK);
>>>> }
>>>>=20
>>>> -int
>>>> +enum snmp_code
>>>> snmp_passwd_to_keys(struct snmp_user *user, char *passwd __unused)
>>>> {
>>>> 	if (user->auth_proto =3D=3D SNMP_AUTH_NOAUTH &&
>>>> @@ -378,7 +378,7 @@ snmp_passwd_to_keys(struct snmp_user *us
>>>> 	return (SNMP_CODE_FAILED);
>>>> }
>>>>=20
>>>> -int
>>>> +enum snmp_code
>>>> snmp_get_local_keys(struct snmp_user *user, uint8_t *eid __unused,
>>>>  uint32_t elen __unused)
>>>> {
>>>>=20
>>>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D END PATCH =3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D
>>>>=20
>>>=20
>>> Then you churn along for some lengthy time (even making it all the way =
through clang successfully), but then stop again at usr.sbin/wpa/hostapd (d=
epend) (output at end).
>>>=20
>>> Probably going to be a patch similar to the libarchive one.
>>> --=20
>>> Devin
>>>=20
>>>=20
>>> =3D=3D=3D> usr.sbin/wpa/hostapd (depend)
>>> rm -f .depend
>>> mkdep -f .depend -a    -DDRUID -I/usr/src/usr.sbin/wpa/hostapd -I/usr/s=
rc/usr.sbin/wpa/hostapd/../../../contrib/wpa//src -I/usr/src/usr.sbin/wpa/h=
ostapd/../../../contrib/wpa//src/common -I/usr/src/usr.sbin/wpa/hostapd/../=
../../contrib/wpa//src/crypto -I/usr/src/usr.sbin/wpa/hostapd/../../../cont=
rib/wpa//src/l2_packet -I/usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa=
//src/utils -DCONFIG_CTRL_IFACE -DCONFIG_CTRL_IFACE_UNIX -I/usr/src/usr.sbi=
n/wpa/hostapd/../../../contrib/wpa//hostapd -I/usr/src/usr.sbin/wpa/hostapd=
/../../../contrib/wpa//src/drivers -DCONFIG_DRIVER_BSD -DHOSTAPD -DCONFIG_D=
RIVER_RADIUS_ACL -DCONFIG_IPV6 -DEAP_TLS_NONE -DINTERNAL_AES -DINTERNAL_SHA=
1 -DINTERNAL_MD5 -I/usr/src/usr.sbin/wpa/hostapd -I/usr/src/usr.sbin/wpa/ho=
stapd/../../../contrib/wpa//src -I/usr/src/usr.sbin/wpa/hostapd/../../../co=
ntrib/wpa//src/common -I/usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa/=
/src/crypto -I/usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/l2_pa=
cket -I/usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/utils -DCONF=
IG_CTRL_IFACE -DCONFIG_CTRL_IFACE_UNIX /usr/src/usr.sbin/wpa/hostapd/../../=
../contrib/wpa//src/ap/accounting.c /usr/src/usr.sbin/wpa/hostapd/../../../=
contrib/wpa//src/crypto/aes-wrap.c /usr/src/usr.sbin/wpa/hostapd/../../../c=
ontrib/wpa//src/ap/ap_config.c /usr/src/usr.sbin/wpa/hostapd/../../../contr=
ib/wpa//src/ap/ap_drv_ops.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/=
wpa//src/ap/ap_mlme.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//s=
rc/ap/authsrv.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/eap=
_common/chap.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/util=
s/common.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//hostapd/conf=
ig_file.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//hostapd/ctrl_=
iface.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/crypto/cryp=
to_openssl.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/ap/ctr=
l_iface_ap.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/driver=
s/drivers.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/ap/drv_=
callbacks.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//hostapd/dum=
p_state.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/eap_commo=
n/eap_common.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/eap_=
common/eap_peap_common.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa=
//hostapd/eap_register.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa=
//src/eap_server/eap_server.c /usr/src/usr.sbin/wpa/hostapd/../../../contri=
b/wpa//src/eap_server/eap_server_gtc.c /usr/src/usr.sbin/wpa/hostapd/../../=
../contrib/wpa//src/eap_server/eap_server_identity.c /usr/src/usr.sbin/wpa/=
hostapd/../../../contrib/wpa//src/eap_server/eap_server_md5.c /usr/src/usr.=
sbin/wpa/hostapd/../../../contrib/wpa//src/eap_server/eap_server_methods.c =
/usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/eap_server/eap_serv=
er_mschapv2.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/eap_s=
erver/eap_server_peap.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa/=
/src/eap_server/eap_server_tls.c /usr/src/usr.sbin/wpa/hostapd/../../../con=
trib/wpa//src/eap_server/eap_server_tls_common.c /usr/src/usr.sbin/wpa/host=
apd/../../../contrib/wpa//src/eap_server/eap_server_ttls.c /usr/src/usr.sbi=
n/wpa/hostapd/../../../contrib/wpa//src/eapol_auth/eapol_auth_dump.c /usr/s=
rc/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/eapol_auth/eapol_auth_sm.=
c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/utils/eloop.c /us=
r/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/ap/hostapd.c /usr/src/=
usr.sbin/wpa/hostapd/../../../contrib/wpa//src/ap/ieee802_11_auth.c /usr/sr=
c/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/common/ieee802_11_common.c=
 /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/ap/ieee802_11_ht.c=
 /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/ap/ieee802_1x.c /u=
sr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/utils/ip_addr.c /usr/=
src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/crypto/md5.c /usr/src/us=
r.sbin/wpa/hostapd/../../../contrib/wpa//hostapd/main.c /usr/src/usr.sbin/w=
pa/hostapd/../../../contrib/wpa//src/crypto/ms_funcs.c /usr/src/usr.sbin/wp=
a/hostapd/../../../contrib/wpa//src/ap/peerkey_auth.c /usr/src/usr.sbin/wpa=
/hostapd/../../../contrib/wpa//src/ap/pmksa_cache_auth.c /usr/src/usr.sbin/=
wpa/hostapd/../../../contrib/wpa//src/ap/preauth_auth.c /usr/src/usr.sbin/w=
pa/hostapd/../../../contrib/wpa//src/radius/radius.c /usr/src/usr.sbin/wpa/=
hostapd/../../../contrib/wpa//src/radius/radius_client.c /usr/src/usr.sbin/=
wpa/hostapd/../../../contrib/wpa//src/ap/sta_info.c /usr/src/usr.sbin/wpa/h=
ostapd/../../../contrib/wpa//src/crypto/sha1-pbkdf2.c /usr/src/usr.sbin/wpa=
/hostapd/../../../contrib/wpa//src/crypto/sha1-tlsprf.c /usr/src/usr.sbin/w=
pa/hostapd/../../../contrib/wpa//src/crypto/sha1-tprf.c /usr/src/usr.sbin/w=
pa/hostapd/../../../contrib/wpa//src/crypto/sha1.c /usr/src/usr.sbin/wpa/ho=
stapd/../../../contrib/wpa//src/ap/tkip_countermeasures.c /usr/src/usr.sbin=
/wpa/hostapd/../../../contrib/wpa//src/ap/utils.c /usr/src/usr.sbin/wpa/hos=
tapd/../../../contrib/wpa//src/ap/vlan_init.c /usr/src/usr.sbin/wpa/hostapd=
/../../../contrib/wpa//src/ap/wpa_auth.c /usr/src/usr.sbin/wpa/hostapd/../.=
./../contrib/wpa//src/ap/wpa_auth_glue.c /usr/src/usr.sbin/wpa/hostapd/../.=
./../contrib/wpa//src/ap/wpa_auth_ie.c /usr/src/usr.sbin/wpa/hostapd/../../=
../contrib/wpa//src/common/wpa_common.c /usr/src/usr.sbin/wpa/hostapd/../..=
/../contrib/wpa//src/utils/wpa_debug.c /usr/src/usr.sbin/wpa/hostapd/../../=
../contrib/wpa//src/utils/wpabuf.c /usr/src/usr.sbin/wpa/hostapd/../../../c=
ontrib/wpa//src/l2_packet/l2_packet_freebsd.c /usr/src/usr.sbin/wpa/hostapd=
/driver_freebsd.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/u=
tils/os_unix.c /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/cryp=
to/tls_none.c
>>> /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/crypto/crypto_o=
penssl.c:16:30: error: openssl/opensslv.h: No such file or directory
>>> /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/crypto/crypto_o=
penssl.c:17:25: error: openssl/err.h: No such file or directory
>>> /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/crypto/crypto_o=
penssl.c:18:25: error: openssl/des.h: No such file or directory
>>> /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/crypto/crypto_o=
penssl.c:19:25: error: openssl/aes.h: No such file or directory
>>> /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/crypto/crypto_o=
penssl.c:20:24: error: openssl/bn.h: No such file or directory
>>> /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/crypto/crypto_o=
penssl.c:21:25: error: openssl/evp.h: No such file or directory
>>> /usr/src/usr.sbin/wpa/hostapd/../../../contrib/wpa//src/crypto/crypto_o=
penssl.c:22:24: error: openssl/dh.h: No such file or directory
>>> mkdep: compile failed
>>> *** Error code 1
>>>=20
>>> Stop in /usr/src/usr.sbin/wpa/hostapd.
>>> *** Error code 1
>>=20
>> Quick and dirty way around this one is the following patch:
>>=20
>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D BEGIN PATCH =3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D
>> --- usr.sbin/wpa/hostapd/Makefile.orig	2011-09-22 17:51:37.000000000 -07=
00
>> +++ usr.sbin/wpa/hostapd/Makefile	2012-01-15 11:01:49.000000000 -0800
>> @@ -14,7 +14,7 @@
>> PROG=3D	hostapd
>> SRCS=3D	accounting.c aes-wrap.c ap_config.c \
>> 	ap_drv_ops.c ap_mlme.c authsrv.c \
>> -	chap.c common.c config_file.c ctrl_iface.c crypto_openssl.c \
>> +	chap.c common.c config_file.c ctrl_iface.c \
>> 	ctrl_iface_ap.c drivers.c drv_callbacks.c dump_state.c \
>> 	eap_common.c eap_peap_common.c eap_register.c eap_server.c \
>> 	eap_server_gtc.c eap_server_identity.c eap_server_md5.c \
>> @@ -28,6 +28,9 @@
>> 	tkip_countermeasures.c utils.c \
>> 	vlan_init.c wpa_auth.c wpa_auth_glue.c wpa_auth_ie.c wpa_common.c \
>> 	wpa_debug.c wpabuf.c
>> +.if ${MK_OPENSSL} !=3D "no"
>> +SRCS+=3D	crypto_openssl.c=20
>> +.endif
>> SRCS+=3D	l2_packet_freebsd.c driver_freebsd.c os_unix.c
>>=20
>> MAN=3D	hostapd.8 hostapd.conf.5
>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D END PATCH =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>>=20
>> And that gets you a bit further, stopping next at "usr.sbin/wpa/wpa_supp=
licant" making all.
>>=20
>> Error is:
>>=20
>> cc  -I/usr/src/usr.sbin/wpa/wpa_supplicant -I/usr/src/usr.sbin/wpa/wpa_s=
upplicant/../../../contrib/wpa//src -I/usr/src/usr.sbin/wpa/wpa_supplicant/=
../../../contrib/wpa//src/common -I/usr/src/usr.sbin/wpa/wpa_supplicant/../=
../../contrib/wpa//src/crypto -I/usr/src/usr.sbin/wpa/wpa_supplicant/../../=
../contrib/wpa//src/l2_packet -I/usr/src/usr.sbin/wpa/wpa_supplicant/../../=
../contrib/wpa//src/utils -DCONFIG_CTRL_IFACE -DCONFIG_CTRL_IFACE_UNIX -I/u=
sr/src/usr.sbin/wpa/wpa_supplicant/../../../contrib/wpa//wpa_supplicant -I/=
usr/src/usr.sbin/wpa/wpa_supplicant/../../../contrib/wpa//src/drivers -I/us=
r/src/usr.sbin/wpa/wpa_supplicant/../../../contrib/wpa//src/rsn_supp -DCONF=
IG_DRIVER_BSD -DCONFIG_DRIVER_NDIS -DCONFIG_DRIVER_WIRED -DCONFIG_TERMINATE=
_ONLASTIF -DCONFIG_DEBUG_SYSLOG -DCONFIG_BACKEND_FILE  -DIEEE8021X_EAPOL -D=
EAP_TLS_NONE -DINTERNAL_AES -DINTERNAL_SHA1 -DINTERNAL_MD5 -I/usr/src/usr.s=
bin/wpa/wpa_supplicant -I/usr/src/usr.sbin/wpa/wpa_supplicant/../../../cont=
rib/wpa//src -I/usr/src/usr.sbin/wpa/wpa_supplicant/../../../contrib/wpa//s=
rc/common -I/usr/src/usr.sbin/wpa/wpa_supplicant/../../../contrib/wpa//src/=
crypto -I/usr/src/usr.sbin/wpa/wpa_supplicant/../../../contrib/wpa//src/l2_=
packet -I/usr/src/usr.sbin/wpa/wpa_supplicant/../../../contrib/wpa//src/uti=
ls -DCONFIG_CTRL_IFACE -DCONFIG_CTRL_IFACE_UNIX -std=3Dgnu99 -fstack-protec=
tor   -o wpa_supplicant aes-cbc.o aes-ctr.o aes-eax.o aes-encblock.o aes-in=
ternal.o aes-omac1.o aes-unwrap.o aes-wrap.o bss.o blacklist.o common.o con=
fig.o ctrl_iface.o ctrl_iface_unix.o drivers.o eloop.o events.o l2_packet_f=
reebsd.o main.o md5.o notify.o preauth.o pmksa_cache.o scan.o sha1-pbkdf2.o=
 sha1-tlsprf.o sha1-tprf.o sha1.o wpa.o wpa_common.o wpa_debug.o wpa_ie.o w=
pa_supplicant.o wpabuf.o wpas_glue.o driver_ndis.o Packet32.o driver_wired.=
o driver_freebsd.o os_unix.o config_file.o base64.o eapol_supp_sm.o eap.o e=
ap_common.o eap_methods.o eap_register.o tls_none.o -lpcap=20
>> aes-cbc.o: In function `aes_128_cbc_encrypt':
>> aes-cbc.c:(.text+0x37): undefined reference to `aes_encrypt_init'
>> aes-cbc.c:(.text+0xba): undefined reference to `aes_encrypt'
>> aes-cbc.c:(.text+0xe6): undefined reference to `aes_encrypt_deinit'
>> aes-cbc.o: In function `aes_128_cbc_decrypt':
>> aes-cbc.c:(.text+0x147): undefined reference to `aes_decrypt_init'
>> aes-cbc.c:(.text+0x1a7): undefined reference to `aes_decrypt'
>> aes-cbc.c:(.text+0x20c): undefined reference to `aes_decrypt_deinit'
>> aes-ctr.o: In function `aes_128_ctr_encrypt':
>> aes-ctr.c:(.text+0x42): undefined reference to `aes_encrypt_init'
>> aes-ctr.c:(.text+0x84): undefined reference to `aes_encrypt'
>> aes-ctr.c:(.text+0x12d): undefined reference to `aes_encrypt_deinit'
>> aes-encblock.o: In function `aes_128_encrypt_block':
>> aes-encblock.c:(.text+0x1e): undefined reference to `aes_encrypt_init'
>> aes-encblock.c:(.text+0x43): undefined reference to `aes_encrypt'
>> aes-encblock.c:(.text+0x4c): undefined reference to `aes_encrypt_deinit'
>> aes-omac1.o: In function `omac1_aes_128_vector':
>> aes-omac1.c:(.text+0xdf): undefined reference to `aes_encrypt_init'
>> aes-omac1.c:(.text+0x204): undefined reference to `aes_encrypt'
>> aes-omac1.c:(.text+0x238): undefined reference to `aes_encrypt'
>> aes-omac1.c:(.text+0x32d): undefined reference to `aes_encrypt'
>> aes-omac1.c:(.text+0x336): undefined reference to `aes_encrypt_deinit'
>> aes-unwrap.o: In function `aes_unwrap':
>> aes-unwrap.c:(.text+0x62): undefined reference to `aes_decrypt_init'
>> aes-unwrap.c:(.text+0xfb): undefined reference to `aes_decrypt'
>> aes-unwrap.c:(.text+0x14d): undefined reference to `aes_decrypt_deinit'
>> aes-wrap.o: In function `aes_wrap':
>> aes-wrap.c:(.text+0x6b): undefined reference to `aes_encrypt_init'
>> aes-wrap.c:(.text+0xdf): undefined reference to `aes_encrypt'
>> aes-wrap.c:(.text+0x15b): undefined reference to `aes_encrypt_deinit'
>> md5.o: In function `hmac_md5_vector':
>> md5.c:(.text+0x80): undefined reference to `md5_vector'
>> md5.c:(.text+0x198): undefined reference to `md5_vector'
>> md5.c:(.text+0x24d): undefined reference to `md5_vector'
>> sha1.o: In function `hmac_sha1_vector':
>> sha1.c:(.text+0x80): undefined reference to `sha1_vector'
>> sha1.c:(.text+0x198): undefined reference to `sha1_vector'
>> sha1.c:(.text+0x24d): undefined reference to `sha1_vector'
>> wpa.o: In function `wpa_supplicant_process_1_of_2_wpa':
>> wpa.c:(.text+0x2bc1): undefined reference to `rc4_skip'
>> wpa.o: In function `wpa_supplicant_decrypt_key_data':
>> wpa.c:(.text+0x34a6): undefined reference to `rc4_skip'
>> eapol_supp_sm.o: In function `eapol_sm_processKey':
>> eapol_supp_sm.c:(.text+0x1846): undefined reference to `rc4_skip'
>> eap.o: In function `eap_sm_parseEapReq':
>> eap.c:(.text+0x2362): undefined reference to `md5_vector'
>> *** Error code 1
>>=20
>> Stop in /usr/src/usr.sbin/wpa/wpa_supplicant.
>> *** Error code 1
>>=20
>> I'm seeing that the INTERNAL_MD5 stuff was removed from src/contrib/wpa/=
src/crypto/md5.c
>>=20
>=20
>=20
> to answer myself... moved to src/contrib/wpa/src/crypto/md5-internal.c wh=
ich isn't being included when -DWITHOUT_OPENSSL is passed to buildworld.
>=20
> This patch does the job to get past that...
>=20
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D BEGIN PATCH =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> --- usr.sbin/wpa/wpa_supplicant/Makefile.orig   2011-09-22 17:51:37.00000=
0000 -0700
> +++ usr.sbin/wpa/wpa_supplicant/Makefile        2012-01-15 18:57:58.00000=
0000 -0800
> @@ -20,6 +20,10 @@
>        driver_ndis.c Packet32.c \
>        driver_wired.c \
>        driver_freebsd.c os_unix.c
> +.if ${MK_OPENSSL} =3D=3D "no"
> +SRCS+=3D aes-internal-dec.c aes-internal-enc.c md5-internal.c sha1-inter=
nal.c \
> +       rc4.c
> +.endif
>=20
> MAN=3D   wpa_supplicant.8 wpa_supplicant.conf.5
>=20
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D END PATCH =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>=20
> However, now I have to go back and add-to my earlier patch to src/usr.sbi=
n/wpa/hostapd/Makefile as this is the next roadblock:
>=20
> =3D=3D=3D> usr.sbin/wpa/hostapd (all)
> make: don't know how to make /usr/obj/usr/src/tmp/usr/lib/libssl.a. Stop
>=20

I revised my earlier patch to src/usr.sbin/wpa/hostapd/Makefile...

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D BEGIN PATCH =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- usr.sbin/wpa/hostapd/Makefile.orig	2011-09-22 17:51:37.000000000 -0700
+++ usr.sbin/wpa/hostapd/Makefile	2012-01-15 21:08:02.000000000 -0800
@@ -9,12 +9,13 @@
 	${WPA_DISTDIR}/src/eapol_auth \
 	${WPA_DISTDIR}/src/drivers \
 	${WPA_DISTDIR}/src/radius \
+	${WPA_DISTDIR}/src/crypto \
 	${WPA_DISTDIR}
=20
 PROG=3D	hostapd
 SRCS=3D	accounting.c aes-wrap.c ap_config.c \
 	ap_drv_ops.c ap_mlme.c authsrv.c \
-	chap.c common.c config_file.c ctrl_iface.c crypto_openssl.c \
+	chap.c common.c config_file.c ctrl_iface.c \
 	ctrl_iface_ap.c drivers.c drv_callbacks.c dump_state.c \
 	eap_common.c eap_peap_common.c eap_register.c eap_server.c \
 	eap_server_gtc.c eap_server_identity.c eap_server_md5.c \
@@ -28,6 +29,12 @@
 	tkip_countermeasures.c utils.c \
 	vlan_init.c wpa_auth.c wpa_auth_glue.c wpa_auth_ie.c wpa_common.c \
 	wpa_debug.c wpabuf.c
+.if ${MK_OPENSSL} !=3D "no"
+SRCS+=3D	crypto_openssl.c=20
+.else
+SRCS+=3D	aes-internal.c aes-internal-enc.c des-internal.c md4-internal.c \
+	md5-internal.c rc4.c sha1-internal.c
+.endif
 SRCS+=3D	l2_packet_freebsd.c driver_freebsd.c os_unix.c
=20
 MAN=3D	hostapd.8 hostapd.conf.5
@@ -46,8 +53,8 @@
 CFLAGS+=3D -DCONFIG_IPV6
 .endif
 #CFLAGS+=3D -g
-DPADD+=3D	${LIBPCAP} ${LIBSSL}
-LDADD+=3D	-lpcap -lssl
+DPADD+=3D	${LIBPCAP}
+LDADD+=3D	-lpcap
=20
 # User customizations for wpa_supplicant/hostapd build environment
 CFLAGS+=3D${HOSTAPD_CFLAGS}
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D END PATCH =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

And success! Voila!

To recap, in order to compile cleanly with -DWITHOUT_OPENSSL, I had to patc=
h the following four (4) files:

	src/contrib/bsnmp/lib/snmpcrypto.c
	src/lib/libarchve/config_freebsd.h
	src/usr.sbin/wpa/hostapd/Makefile
	src/usr.sbin/wpa/wpa_supplicant/Makefile

All patches above (in reply-text).

I'll file a PR tomorrow, containing the above patches, restoring the abilit=
y to buildworld without openssl.
--=20
Devin

_____________
The information contained in this message is proprietary and/or confidentia=
l. If you are not the intended recipient, please: (i) delete the message an=
d all copies; (ii) do not disclose, distribute or use the message in any ma=
nner; and (iii) notify the sender immediately. In addition, please be aware=
 that any message addressed to our domain is subject to archiving and revie=
w by persons other than the intended recipient. Thank you.