From owner-freebsd-ports@FreeBSD.ORG Fri Apr 10 07:07:41 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 988D4FB2 for ; Fri, 10 Apr 2015 07:07:41 +0000 (UTC) Received: from hermes.heuristicsystems.com.au (hermes.heuristicsystems.com.au [203.41.22.115]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "hermes.heuristicsystems.com.au", Issuer "Heuristic Systems Type 4 Host CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id CB01C24B for ; Fri, 10 Apr 2015 07:07:39 +0000 (UTC) Received: from [10.0.5.3] (ewsw01.hs [10.0.5.3]) (authenticated bits=0) by hermes.heuristicsystems.com.au (8.14.5/8.13.6) with ESMTP id t3A76ZhK082430 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for ; Fri, 10 Apr 2015 17:06:40 +1000 (EST) (envelope-from dewayne.geraghty@heuristicsystems.com.au) Message-ID: <5527769D.3060505@heuristicsystems.com.au> Date: Fri, 10 Apr 2015 17:07:09 +1000 From: Dewayne Geraghty User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: freebsd-ports@freebsd.org Subject: Re: openssl and bash libcrypto References: <552657AC.1020802@ish.com.au> <55271AB5.8020907@ish.com.au> <55272BC5.8090805@ish.com.au> In-Reply-To: <55272BC5.8090805@ish.com.au> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Apr 2015 07:07:41 -0000 On 10/04/2015 11:47 AM, Aristedes Maniatis wrote: > Dewayne Geraghty wrote: >> Most likely there was a port build that required openssl port, and also required >> something like libarchive or libfetch (for example), both require openssl base >> (I've found net-mgmt/net-snmp does this). Your bt reveals that the symbol table >> is confused, as expected. > Ah, that's a good help. So I can easily core dump /usr/bin/vi by trying to edit any file. Forgive my ignorance of C debugging, but I'll stumble through this: > > 1. I attach gdb to the application and load the core dump. > 2. It tries to read symbols from a bunch of system libraries. > 3. In amongst all those libraries are some located in /usr/local: > > /usr/local/lib/nss_ldap.so.1 > /usr/local/lib/libldap-2.4.so.2 > /usr/local/lib/liblber-2.4.so.2 > /usr/local/lib/libssl.so.8 > /usr/local/lib/libcrypto.so.8 > > So the whole chain of problems originates from nss_ldap. But I'm confused about what I'm looking at here.. > > Did vi try to load some access control library when it tried to write a file out to disk, and then that loaded nsswitch which in turn I've tied into the nss_ldap port, and then from there it was a slippery slope to disaster of conflicting libraries? > > I'll try building nss_ldap against base openssl and see if that helps, but can someone help explain the naming here. Why do we have /usr/local/lib/libcrypto.so.8 but lib/libcrypto.so.7. Was this done when the openssl port moved from 1.0.1 to 1.0.2? Isn't there usually a warning in UPDATING when we need to rebuild all ports for that reason? > > If all ports move to only use openssl from ports, then how does my example above get fixed? Doesn't it make it all worse? > > > So many questions! Thanks for all the help in understanding this. > > Ari > > Ari, Anything under /usr/local/ should be regarded as coming from /usr/ports - that is, it is *not* part of the base system. /lib and /usr/lib are part of the base system. If your system is crashing due to /usr/bin/vi which is part of the base system, then something is very wrong with the system. I'm guessing but is it possible that you've installed 32 libs onto a 64 base system, or the other way around? I can't see how vi needs anything under /usr/local, as its from the "base" system - so I guess others may need to step up to assist. Regards, Dewayne