From nobody Mon Aug 14 04:04:29 2023 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RPLQ91Njsz4TxQ3 for ; Mon, 14 Aug 2023 04:04:49 +0000 (UTC) (envelope-from marklmi@yahoo.com) Received: from sonic316-8.consmr.mail.gq1.yahoo.com (sonic316-8.consmr.mail.gq1.yahoo.com [98.137.69.32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4RPLQ80ljgz3JTL for ; Mon, 14 Aug 2023 04:04:48 +0000 (UTC) (envelope-from marklmi@yahoo.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yahoo.com header.s=s2048 header.b=miSPlm0g; spf=pass (mx1.freebsd.org: domain of marklmi@yahoo.com designates 98.137.69.32 as permitted sender) smtp.mailfrom=marklmi@yahoo.com; dmarc=pass (policy=reject) header.from=yahoo.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1691985885; bh=z/MhyCPGlS6u2PHxGxd4CUJ6rx4c3OgCz9N6dQoo7jA=; h=From:Subject:Date:To:References:From:Subject:Reply-To; b=miSPlm0g4ySOk3wwSxuFVquX0lnKOgb10+Mrr0u83iBexi6VotanMS4JLHQHGv4XE4pE4OjraR8LJ0IyEN6+VNA0yHzE6t/7jV6RVp5NPJTATdriPh8znpj4B6CIMjKnHcd7gzTfCIZZSZFyXKe7ny++tmbrkrJekquLaOzUXzDoplUyv4wyL4IkXnBsTejO+MfIygCDL+0qdC5RqIqi3v4j7X8s6xUv3A1vQ4FeAvyURbTi1FqCqoICU4lTJ/X3zXXviDqv9hdS+VARi/NGp4lJQoVD76oADQAZiQbDmAWldthqhM6Ci7joyC6IMyZ4EVXoCUOO5+8JhUegMo6gyA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1691985885; bh=G9KpGSw7lAEmwhinXIH/rkLukL2rEjCAv/Udcsm32O7=; h=X-Sonic-MF:From:Subject:Date:To:From:Subject; b=srGtNhdz/3cCqt2Fh0RDGTp+HC+iELomNidXKpznbLXKSZN4oa9qB2zhNazbmeTKiMmGE8/86XnuQOeApFKLd1NoBWS8F08rAjUeRLtvKDl95Qf9h1WvgRNm1Kyl3OJWshbLymAKNF/1rc2filC4maz5WDJrib8zIQlDt+RWlR4aBnMe5VH+50YH4ip7PVCZsClvaabhKKe3IMv+BmiQQpNu+PmBSwXGh9IqdUpuPclN2YOLQbR8bQ1xlwITGrNX2Zbi6cBb+LY8icwEeRvd+E4bcgHEqmhAktG9A5tf5W4xqtRmzEZO0WaVh3ZGcBFvNlYSrmq4Z7CzCrp28T0euw== X-YMail-OSG: yRzYNBwVM1mg8jCMi8n6neV4OjaA1x7rcgra5_wRV0DRffrFom_rutEKVYanK6T jI8RzyiRNWlbfr7TvMIjmt36QO30VcW6koxLCExj2UqIqxAXKBB0B8mttV8A1eYqNVlTwbkLx_oo 8RKyETuodhNKX_3FwBSThCivdPKgwiFgUjE26QaL3_sFv0ulAmrfJE9dp7NAh9pumqz9iii4l53c wZ02.GxZ_U8CN4TuzsBUQpAvsZrB5hW9jkOLdwWnD..dA66V3tTRzYrmZa2lyqghvsx7Mdaenoaw rP3W3SHMORzN5DdWxqGyvcDoYsV7AW7.1qgoXIn7UMMKTjW5TUmWjE.3hCTH8dr55xueJaB7Wa0m mBZN5WHhDlsXRJrdKpgOCBVRc_SQJhaMd2rM75Luaj2vI3GcSs9alai0bereL2_3AWbJBHmCtOes n.zJBKcck.zuVbiTpXsZ4.0YONK0adQpU3NWte3FZjix7XBJwEn9OE9UcUydTyPqpI8bmXkjHkkY 6HwDTzuji2FEwCHNv66Zsi0wQw6.85Xl8BFvniV93GfPTc5R7pWw8StwRXgCITB3fjXLA29N8iWB DmMTwYWsGKyKjunlPuvPXtJPF.FeJh.SPbzIeHlosf08iQ7bSxXG0Cmkd89sAScqt5QRvRLDeBPV 5XQMj9I4Uv5EcmikNgzmCPujEv29E0fqQS7SYfpyHergx4BZsU68PzIcY5OaRohOVndadsJAmRoW s7QGWBvWz89toOq2MukA1s9.Fj9koGnSJ6hX46Ie74s6RQ6xyRixyFex7b1jnNLQQ5jlPS9tBa8q T8EOXKKCiKL8ggIvrNRgYKrHxCfApFDK1QLR3LkRQdBl2AAQ6AEodCIPzTcnCvFvNbn_1BRrhd1v qlPLSiNQgn0j2vWp9iBNyHJ0l3szcq6l6OeVoXH2su7cthk47IIIIItt6VtuWrceGJdVvv4WapZ5 g2h51O0I3_MoCh0_j4LxRHN6aLxEAIBVB1T2eW.nyXmsZ2Gepg6X3VMjXRluD7VmzkJf0sgLmLWh ozb1M.PRkzHkWbnZMqwNF8dcPlLQLdSjiFLo0HCRue0A3im_I0btN6yqMnhpqEcewJVtmY5i.Jyi IZhymvEYSMWCK8T0ROuhd_DtBwP6ox0yvLFz8x9WvSO5KbfHVYi4o1by4Z0o18A57Pfqga8bRqxq mKI_ZkwVaIaIfb9zrpCnGOpF0YjS7BX8zmYtGKIZLLJKn9K6HMGXihA.vMh2oq7OllSeQTv25JRN dC7K2VrNWiEb7_YrNPs48APm9r3ksCo.vLlcErd28RZ1ZaYYI0Kbufyl1wo9oR0nG0G2QP4bqMT4 08kLdpwvx6O.iw.hBtig3O8ROTnEiXPD4YUHeM5wSSh0UNUrScR5IVUEdU2n9OF4ArzZoWDT0i.6 4yG1sfnv.cXovaIxdmOp2c7BfT1DFhRxyrj0eftVq3tZl4w9xXVVcybp9cc_V2cRwrZdfOSbhetZ VtjJlxy6GlTydkcnfMdIGt.dq5Qe7wRK3uO6E6giCtaavl2m66K7Md3Xw0_MgAkYKBFxmiQrXE85 .VvhNj5698aZlSdCvtSLGJqbkAT3WmWUO.aViqoDz0uA4bMnW_HocG5._84rtyzIFX61XpuZvB0T 0vfMo0_aMy4Vl1RTlpMTt..sJjAeEke7b0_uXCv6ykdwSTFVmxGfCNLQR7noLUgn7_7FXNp8wCLf N145DRtXpgnX8M7Bhj6Q5bGLPMlFHpWbkU8s3m7bW0uueOk5wniUZmgbyzJyg6._b7zF2w4cLchb WToV.4KGxiyA2CMziP3PRm2nHoWuhZMeQqi4aOp8yW082Q_dyv5ZFp.SvIHEbgBev.cjwuuVw9KD t_w5GCBq8cMTL6DhdXi6pcVdzGPAT3.lbI.tSRQJFOcX16YMvdxCo9Ki8uL614q7y445EsHeZ.lb xi98bPnHsVoVgnPU0F2uyzioec0VlvTqCjR7ky3X6.swao_Lsrh8PZ5dC7xsCSGRfjQ.xvp47wbt bGq4n0X44RJoTndY0oufQaQd1duGUtk3L7dIKtI4.A2UPSzw5j.HjKyr9BhJzafv9_uYRkTIFdOB 09w9yVElmavSp02fyZZHXEQqimG4HxeIliLKISc79XET2wI1W.sL9HlF3Or_5mhrhAtR89Vgzpo6 BtQxYpIp5gUY3h5TWkbzugR1w5gAAI8V7b.8QUYTGSPA0r1UgljOwkdYqTjX8AhH8lMV6xzJLt4u ixaGh2OQ1s3Mxstb3RJ895f01NWOfl.izU3gUlRiT366c8I4vt1vBKR4Twbwul1oU7Eh62tBOwIN VM6cu X-Sonic-MF: X-Sonic-ID: 66bf0cad-09c3-49a0-86eb-98b68a75db09 Received: from sonic.gate.mail.ne1.yahoo.com by sonic316.consmr.mail.gq1.yahoo.com with HTTP; Mon, 14 Aug 2023 04:04:45 +0000 Received: by hermes--production-ne1-7b767b77cc-27nt8 (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 497b70d9c4cde05edcba6ad7f533a9c8; Mon, 14 Aug 2023 04:04:40 +0000 (UTC) From: Mark Millard Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6\)) Subject: Re: OpenSSL 3 ports fallout Message-Id: Date: Sun, 13 Aug 2023 21:04:29 -0700 To: Gleb Popov , Current FreeBSD X-Mailer: Apple Mail (2.3731.700.6) References: X-Spamd-Result: default: False [-3.50 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.998]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; MIME_GOOD(-0.10)[text/plain]; FROM_HAS_DN(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; ARC_NA(0.00)[]; MLMMJ_DEST(0.00)[freebsd-current@freebsd.org]; RCVD_IN_DNSWL_NONE(0.00)[98.137.69.32:from]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; ASN(0.00)[asn:36647, ipnet:98.137.64.0/20, country:US]; RWL_MAILSPIKE_POSSIBLE(0.00)[98.137.69.32:from]; DKIM_TRACE(0.00)[yahoo.com:+]; TO_DN_ALL(0.00)[]; FREEMAIL_FROM(0.00)[yahoo.com]; MID_RHS_MATCH_FROM(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; RCVD_TLS_LAST(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2] X-Spamd-Bar: --- X-Rspamd-Queue-Id: 4RPLQ80ljgz3JTL Gleb Popov wrote on Date: Sun, 13 Aug 2023 20:30:48 UTC : > Some of the ports I'm using are failing to build after OpenSSL 3 > import due to the following problem. OpenSSL headers that are shipped > in base contain declarations of various deprecated functions for which > libcrypto.so doesn't contain definitions. Some of them are > RSA_generate_key and ERR_* family. These declarations aren't guarded > by any #ifdef and are visible for ports software. VirtualBox and > net-p2p/cardano-node detect these functions, try to use them and then > fail to link due to undefined references. I believe this should be > fixed in the base rather than patching each port? FreeBSD ports is using a 2021-08-24 version of cryptography/hazmat/ for which there have long been more recent versions that no longer have the kind of issue below: File = "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/opens= sl/binding.py", line 14, in from cryptography.hazmat.bindings._openssl import ffi, lib ImportError: = /usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/_opens= sl.abi3.so: Undefined symbol "ERR_GET_FUNC" =46rom what I wrote on the lists back on 2023-Jul-10: QUOTE In use: security/py-cryptography is at 3.4.8 (2021-08-24) Vintage fixed: 35.0.0 of cryptography dates back to 2021-09-29. Current for cryptography is 41.0.1 (2023-06-01). END QUOTE The full fix is inside cryptography, not in the environments that use it (such as FreeBSD). To me it looks like the tradeoffs now in place suggest adjusting the constraints that are stopping progressing past 3.4.8 in ports, even if there are some other consequences for some people. Note: The above message is from a broken kyua test's backtrace. A bunch of kyua testing involves use of python and ends up with cryptography/hazmat/ involved (and, so, the python is broken in some way). =3D=3D=3D Mark Millard marklmi at yahoo.com