Date: Tue, 7 Apr 2026 01:17:45 +0900 From: Tomoaki AOKI <junchoon@dec.sakura.ne.jp> To: Dima Panov <fluffy@FreeBSD.org>, Pierre Pronchery <khorben@FreeBSD.org> Cc: dev-commits-ports-main@freebsd.org, Daniel Engberg <diizzy@FreeBSD.org> Subject: Re: git: 4211f99a216d - main - security/libssh: Mark BROKEN on 15+ and add backup for MASTER_SITES Message-ID: <20260407011745.1ee516a74deca884c60415a7@dec.sakura.ne.jp>
index | next in thread | raw e-mail
Hi. Is it intentional here that didn't make ml_kem.h installed on importing at commit e7be843b4a162e68651d3911f0357ed464915629? https://cgit.freebsd.org/src/commit/?id=e7be843b4a162e68651d3911f0357ed464915629 If not, can it be made installed (possibly OSVERSION bump is wanted, though) on all affected branches (including releng/15.0 as errata -p* upgrade)? Regards. > BTW, we have missed corresponding include file in base openssl since it was merged with 3.5.x > > diff --git a/secure/lib/libcrypto/Makefile b/secure/lib/libcrypto/Makefile > index 9d484e9d48..f57f53a8c7 100644 > --- a/secure/lib/libcrypto/Makefile > +++ b/secure/lib/libcrypto/Makefile > @@ -635,7 +635,7 @@ INCS+= des.h dh.h dherr.h dsa.h > INCS+= dsaerr.h > INCS+= dtls1.h e_os2.h e_ostime.h ebcdic.h ec.h ecdh.h ecdsa.h ecerr.h encoder.h encodererr.h > INCS+= engine.h engineerr.h err.h ess.h esserr.h evp.h evperr.h fips_names.h fipskey.h hmac.h hpke.h http.h httperr.h idea.h indicator.h > -INCS+= kdf.h kdferr.h lhash.h macros.h md2.h md4.h md5.h mdc2.h modes.h obj_mac.h > +INCS+= kdf.h kdferr.h lhash.h macros.h md2.h md4.h md5.h mdc2.h ml_kem.h modes.h obj_mac.h > INCS+= objects.h objectserr.h ocsp.h ocsperr.h opensslconf.h opensslv.h > INCS+= ossl_typ.h param_build.h params.h pem.h pem2.h pemerr.h pkcs12.h pkcs12err.h pkcs7.h > INCS+= pkcs7err.h prov_ssl.h proverr.h provider.h quic.h rand.h randerr.h rc2.h rc4.h rc5.h ripemd.h > > On 06.04.2026 18:12, Dima Panov wrote: > > Hello! > > > > There is another solution -- force check for openssl 3.6 to enable ML-KEM extension > > > > > > diff --git a/security/libssh/Makefile b/security/libssh/Makefile > > index cbec0cfe7b..2f1224e3be 100644 > > --- a/security/libssh/Makefile > > +++ b/security/libssh/Makefile > > @@ -67,6 +68,10 @@ OPENSSL_CMAKE_BOOL_OFF= CMAKE_DISABLE_FIND_PACKAGE_OpenSSL > > OPENSSL_USES= ssl > > STATIC_CMAKE_BOOL= BUILD_STATIC_LIB > > > > +post-patch: > > + ${REINPLACE_CMD} -e '/OPENSSL_VERSION/s,3.5.0,3.6.0,g' \ > > + ${WRKSRC}/ConfigureChecks.cmake > > + > > post-install-STATIC-on: > > ${INSTALL_DATA} ${INSTALL_WRKSRC}/src/libssh.a ${STAGEDIR}${PREFIX}/lib/ > > > > > > On 06.04.2026 15:53, Daniel Engberg wrote: > > > The branch main has been updated by diizzy: > > > > > > URL: https://cgit.FreeBSD.org/ports/commit/?id=4211f99a216d4f440b3b804a1e6db475087e3ed2 > > > > > > commit 4211f99a216d4f440b3b804a1e6db475087e3ed2 > > > Author: Daniel Engberg <diizzy@FreeBSD.org> > > > AuthorDate: 2026-04-06 12:45:14 +0000 > > > Commit: Daniel Engberg <diizzy@FreeBSD.org> > > > CommitDate: 2026-04-06 12:53:21 +0000 > > > > > > security/libssh: Mark BROKEN on 15+ and add backup for MASTER_SITES > > > > > > Fails to build on 15+, > > > src/mlkem_crypto.c:31:10: fatal error: 'openssl/ml_kem.h' file not found > > > > > > Add temporary backup for MASTER_SITES to avoid build failures on other > > > versions and of consumers as main upstream site current truncates > > > downloads > > > > > > Thanks to eduardo@ for verifying build issues on -CURRENT > > > > > > PR: 294268 > > > Approved by: blanket, just fix it > > > --- > > > security/libssh/Makefile | 7 ++++++- > > > 1 file changed, 6 insertions(+), 1 deletion(-) > > > > > > diff --git a/security/libssh/Makefile b/security/libssh/Makefile > > > index cbec0cfe7b55..10ebb693d642 100644 > > > --- a/security/libssh/Makefile > > > +++ b/security/libssh/Makefile > > > @@ -1,7 +1,9 @@ > > > PORTNAME= libssh > > > PORTVERSION= 0.12.0 > > > +PORTREVISION= 1 > > > CATEGORIES= security devel > > > -MASTER_SITES= https://www.libssh.org/files/${PORTVERSION:R}/ > > > +MASTER_SITES= https://www.libssh.org/files/${PORTVERSION:R}/ \ > > > + https://ftp.openbsd.org/pub/OpenBSD/distfiles/ > > > > > > MAINTAINER= sunpoet@FreeBSD.org > > > COMMENT= Library implementing the SSH2 protocol > > > @@ -11,6 +13,9 @@ WWW= https://www.libssh.org/ \ > > > LICENSE= LGPL21 > > > LICENSE_FILE= ${WRKSRC}/COPYING > > > > > > +BROKEN_FreeBSD_15= src/mlkem_crypto.c:31:10: fatal error: 'openssl/ml_kem.h' file not found > > > +BROKEN_FreeBSD_16= src/mlkem_crypto.c:31:10: fatal error: 'openssl/ml_kem.h' file not found > > > + > > > TEST_DEPENDS= cmocka>=0:sysutils/cmocka > > > > > > USES= cmake:testing cpe tar:xz > > > > > > > -- > > Sincerely, > > Dima (fluffy@FreeBSD.org, https://t.me/FluffyBSD, @fluffy:matrix-dev.freebsd.org) > > (desktop, kde, x11, office, ports-secteam)@FreeBSD team > > > > -- > Sincerely, > Dima (fluffy@FreeBSD.org, https://t.me/FluffyBSD, @fluffy:matrix-dev.freebsd.org) > (desktop, kde, x11, office, ports-secteam)@FreeBSD team -- Tomoaki AOKI <junchoon@dec.sakura.ne.jp>home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20260407011745.1ee516a74deca884c60415a7>