Date: Thu, 9 Apr 2015 15:02:41 +0300 From: Kimmo Paasiala <kpaasial@gmail.com> To: Aristedes Maniatis <ari@ish.com.au> Cc: FreeBSD Mailing List <freebsd-ports@freebsd.org> Subject: Re: openssl and bash libcrypto Message-ID: <CA%2B7WWSdh6Mi3VGkEidK4_MCrzx4q2-YS87-YTsS8UmtOT36tUQ@mail.gmail.com> In-Reply-To: <552657AC.1020802@ish.com.au> References: <552657AC.1020802@ish.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Apr 9, 2015 at 1:42 PM, Aristedes Maniatis <ari@ish.com.au> wrote: > Starting in the last week or so, several different applications are exhib= iting the same symptoms of broken libcrypto libraries. > > (gdb) core bash.core > Core was generated by `bash'. > Program terminated with signal 11, Segmentation fault. > > (gdb) bt > #0 0x00000008029cafe5 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcr= ypto.so.8 > #1 0x00000008033cf0b9 in OPENSSL_ia32cap_loc () from /lib/libcrypto.so.7 > #2 0x00000008032d584e in _init () from /lib/libcrypto.so.7 > #3 0x00007fffffffd7c0 in ?? () > #4 0x00000008006d66bf in r_debug_state () from /libexec/ld-elf.so.1 > #5 0x00000008006dad87 in _rtld_get_stack_prot () from /libexec/ld-elf.so= .1 > #6 0x00000008006d7ad3 in dlopen () from /libexec/ld-elf.so.1 > #7 0x0000000800e5c436 in _nsdbtaddsrc () from /lib/libc.so.7 > #8 0x0000000800e563c9 in _nsyyparse () from /lib/libc.so.7 > #9 0x0000000800e5cab1 in nsdispatch () from /lib/libc.so.7 > #10 0x0000000800e49ebe in getpwuid () from /lib/libc.so.7 > #11 0x0000000800e49cbf in getpwnam () from /lib/libc.so.7 > > > Although that symptom is in bash, I've got the exact same symptoms in ast= erisk. The builds are done in poudriere with the make flags: > > WITH_OPENSSL_PORT=3Dyes > > > I've tried updating to the latest 10.1-RELEASE-p6, although it is possibl= e that that is exactly what caused the problem in the first place when the = poudriere jail was updated to that release. > > The function calls mention ia32 but this box is purely 64bit. > > > I've seen recent discussions about the problems that confusion between co= re openssl and ports openssl can cause. But I can't for the life of me figu= re how to avoid this problem. > > * Should bash be built with "Build static executables and/or libraries"? > * Should I stop trying to use openssl from ports until this is fixed? > * Why is /lib/libcrypto.so.7 calling /usr/local/lib/libcrypto.so.8 ? > > I've tried so many different combinations of settings, I don't know what = to try next. > > Thanks > Ari > > > -- > --------------------------> > Aristedes Maniatis > ish > http://www.ish.com.au > Level 1, 30 Wilson Street Newtown 2042 Australia > phone +61 2 9550 5001 fax +61 2 9550 4001 > GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A > You could build world with WITHOUT_OPENSSL but that would also disable some other needed pieces such as OpenSSH and you'd have to install them from ports. WITHOUT_OPENSSL Set to not build OpenSSL. When set, it also enforces the foll= ow=E2=80=90 ing options: WITHOUT_KERBEROS WITHOUT_KERBEROS_SUPPORT WITHOUT_OPENSSH When set, the following options are also in effect: WITHOUT_GSSAPI (unless WITH_GSSAPI is set explicitly)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2B7WWSdh6Mi3VGkEidK4_MCrzx4q2-YS87-YTsS8UmtOT36tUQ>