Created attachment 240961 [details] patch Without this patch I got: root@firewall:/usr/ports/security/luasec# /usr/local/etc/rc.d/prosody forcerestart prosody not running? (check /var/run/prosody.pid). Starting prosody. ************************** Prosody was unable to find LuaSec This package can be obtained in the following ways: Debian/Ubuntu | sudo apt install lua-sec luarocks | luarocks install luasec Source | https://github.com/brunoos/luasec LuaSec is required for Prosody to run, so we will now exit. More help can be found on our website, at https://prosody.im/doc/depends ************************** /usr/local/bin/lua54: /usr/local/lib/prosody/util/async.lua:154: error loading module 'ssl.core' from file '/usr/local/lib/lua/5.4/ssl.so': /usr/local/lib/lua/5.4/ssl.so: Undefined symbol "SSL_CTX_set_psk_server_callback" stack traceback: [C]: in ? [C]: in upvalue '_real_require' /usr/local/lib/prosody/util/startup.lua:203: in function 'require' /usr/local/share/lua/5.4/ssl.lua:8: in main chunk [C]: in upvalue '_real_require' /usr/local/lib/prosody/util/startup.lua:203: in function 'require' /usr/local/lib/prosody/net/server_epoll.lua:21: in main chunk [C]: in upvalue '_real_require' /usr/local/lib/prosody/util/startup.lua:203: in function 'require' /usr/local/lib/prosody/net/server.lua:78: in main chunk [C]: in upvalue '_real_require' /usr/local/lib/prosody/util/startup.lua:203: in function 'require' /usr/local/lib/prosody/util/startup.lua:137: in function 'util.startup.load_libraries' /usr/local/lib/prosody/util/startup.lua:692: in function 'util.startup.prosody' /usr/local/lib/prosody/util/async.lua:156: in upvalue 'func' /usr/local/lib/prosody/util/async.lua:144: in function </usr/local/lib/prosody/util/async.lua:142> stack traceback: [C]: in function 'error' /usr/local/lib/prosody/util/async.lua:154: in local 'handler' /usr/local/lib/prosody/util/async.lua:232: in method 'run' /usr/local/bin/prosody:55: in main chunk [C]: in ?
Hello Ivan, Thanks for your report and especially for taking this issue upstream where your patch has been accepted and a new version has been released. I've submitted an update for the port in bug #270343.
Upstream make their own patch, according to better knowledge. You probably may remove '-DOPENSSL_NO_SSL3' from makefile, at least with libressl it produce "already defined" warnings.
Thanks for the suggestion. Removing the definition seems to be safe as ssl3 is already disabled for OpenSSL in 12.4 and 13.1 base. I've updated the patch in bug #270343 accordingly.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=0932e21ef003c0d8565ca1aa5ca3c411ef9b3381 commit 0932e21ef003c0d8565ca1aa5ca3c411ef9b3381 Author: Thomas Morper <thomas@beingboiled.info> AuthorDate: 2023-03-20 17:10:34 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2023-03-21 07:42:23 +0000 security/luasec: update to 1.3.1 ChangeLog: https://github.com/brunoos/luasec/blob/v1.3.1/CHANGELOG PR: 270343 270328 Reported by: thomas@beingboiled.info (maintainer) security/luasec/Makefile | 4 ++-- security/luasec/distinfo | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-)
Fixed by updating to 1.3.1 Thanks!