From owner-freebsd-apache@freebsd.org Sun Oct 28 17:41:40 2018 Return-Path: Delivered-To: freebsd-apache@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5FD0B10DB168 for ; Sun, 28 Oct 2018 17:41:40 +0000 (UTC) (envelope-from brnrd@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id EBF228EB89 for ; Sun, 28 Oct 2018 17:41:39 +0000 (UTC) (envelope-from brnrd@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id B13A910DB167; Sun, 28 Oct 2018 17:41:39 +0000 (UTC) Delivered-To: apache@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9FE8B10DB166 for ; Sun, 28 Oct 2018 17:41:39 +0000 (UTC) (envelope-from brnrd@freebsd.org) Received: from smtp01.qsp.nl (smtp01.qsp.nl [193.254.214.162]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 398278EB86; Sun, 28 Oct 2018 17:41:39 +0000 (UTC) (envelope-from brnrd@freebsd.org) Received: from mail.brnrd.eu (unknown [193.164.217.85]) by smtp01.qsp.nl (Postfix) with ESMTPSA id D630A130E7; Sun, 28 Oct 2018 18:41:30 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=brnrd.eu; h=date:from:to:subject:message-id; s=default; bh=sAt/vKS/Oz33KY+DHbycYfM8ROleW5yWQnoAzp7nqzw=; b=dy3/eQcKavlc0h1Q4ptF3wgmce4xW6+4QGBaq8UzWCfBkDFLA9lSEGx7NZ1J2gEst0U34PIwmoQw+uUD/++xcWioNIjKoyEfIJtkQKUlySqePJBd9puOGiF3nhlUCv8386Fpdr/2YKiD5ofg9S+rV8p2+v2YHZe1R2LVG8vw07tckP4lWrvRImOvNIqcW21RTUJ2Ui6ZKi2HZv69zGCo8TFnFF/xVrb90bu6HveBvMgVU5bbk+TVZmIpglDDUj2ykVLGAxazMifvuY7XzfrdrZaw9wBZwkUFAjYEyy5ROefIjXJpmB7xt84v7Scd+hwxRdfUFtq9SALtlCD1z4FzrQ== Received: by brnrd.eu (OpenSMTPD) with ESMTPSA id d38f14ca TLS version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO; Sun, 28 Oct 2018 18:41:30 +0100 (CET) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Sun, 28 Oct 2018 18:41:30 +0100 From: Bernard Spil To: Kurt Jaeger Cc: apache@freebsd.org Subject: Re: svn commit: r483139 - in head/www/apache24: . files In-Reply-To: <20181028162434.GA1107@fc.opsec.eu> References: <201810271436.w9REafeR040613@repo.freebsd.org> <20181028162434.GA1107@fc.opsec.eu> Message-ID: X-Sender: brnrd@freebsd.org User-Agent: Roundcube Webmail/1.3.7 X-BeenThere: freebsd-apache@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Support of apache-related ports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Oct 2018 17:41:40 -0000 On 2018-10-28 17:24, Kurt Jaeger wrote: > Hi! > >> Log: >> www/apache24: Update to 2.4.37 >> >> - Adds TLSv1.3 support with security/openssl111 > > On a 11.2p4 amd64, if I try to use mod_ssl.so, this happens: > > httpd: Syntax error on line 138 of /usr/local/etc/apache24/httpd.conf: > Cannot load /usr/local/libexec/apache24/mod_ssl.so into server: > /usr/local/libexec/apache24/mod_ssl.so: Undefined symbol "RAND_egd" > > Any ideas ? Sounds like a conflict in libs used. Just checked a vanilla OpenSSL 1.0.2 package and it still has EGD. The 1.1 branch does NOT have EGD (# define OPENSSL_NO_EGD in opensslconf.h from openssl111-1.1.1_1). Apache httpd's autoconf looks for rand_EGD > work/httpd-2.4.37/config.log > 2506:configure:27293: checking for RAND_egd > 2509:conftest.c:(.text+0x7): undefined reference to `RAND_egd' and unsets HAVE_RAND_EGD if it isn't found work/httpd-2.4.37/include/ap_config_auto.h 186:/* #undef HAVE_RAND_EGD */ EGD has been OK for a long while in the ports tree, it was one of the first things that was removed by LibreSSL and all ports were updated subsequently. EGD support in OpenSSL can easily be checked by checking for OPENSSL_NO_EGD in include/openssl/opensslconf.h (if it is there, then it EGD NOT available... OpenSSL idiosyncrasies). Better open a PR I guess.