security/tpm2-tools fails to build if devel/openssl is installed. Observed on 12-stable/amd64. libtool: link: cc -I./tools -I./lib -D_GNU_SOURCE -std=gnu99 -fdata-sections -ffunction-sections -I/usr/local/include -I/usr/local/include/tss2 -I/usr/local/include -I/usr/local/include/tss2 -I/usr/local/include -I/usr/local/include -I/usr/local/include/tss2 -I/usr/local/include -I/usr/local/include/tss2 -I/usr/local/include -I/usr/local/include/tss2 -DTPM2_TOOLS_MAX=101 -O2 -pipe -fstack-protector-strong -fno-strict-aliasing -Wl,--gc-sections -Wl,-rpath -Wl,/usr/local/lib -fstack-protector-strong -o tools/tpm2 tools/tpm2-tpm2_tool.o tools/misc/tpm2-tpm2_certifyX509certutil.o tools/misc/tpm2-tpm2_checkquote.o tools/misc/tpm2-tpm2_encodeobject.o tools/misc/tpm2-tpm2_eventlog.o tools/misc/tpm2-tpm2_print.o tools/misc/tpm2-tpm2_rc_decode.o tools/tpm2-tpm2_activatecredential.o tools/tpm2-tpm2_certify.o tools/tpm2-tpm2_changeauth.o tools/tpm2-tpm2_changeeps.o tools/tpm2-tpm2_changepps.o tools/tpm2-tpm2_clear.o tools/tpm2-tpm2_clearcontrol.o tools/tpm2-tpm2_clockrateadjust.o tools/tpm2-tpm2_create.o tools/tpm2-tpm2_createak.o tools/tpm2-tpm2_createek.o tools/tpm2-tpm2_createpolicy.o tools/tpm2-tpm2_setprimarypolicy.o tools/tpm2-tpm2_createprimary.o tools/tpm2-tpm2_dictionarylockout.o tools/tpm2-tpm2_duplicate.o tools/tpm2-tpm2_getcap.o tools/tpm2-tpm2_gettestresult.o tools/tpm2-tpm2_encryptdecrypt.o tools/tpm2-tpm2_evictcontrol.o tools/tpm2-tpm2_flushcontext.o tools/tpm2-tpm2_getekcertificate.o tools/tpm2-tpm2_getrandom.o tools/tpm2-tpm2_gettime.o tools/tpm2-tpm2_hash.o tools/tpm2-tpm2_hierarchycontrol.o tools/tpm2-tpm2_hmac.o tools/tpm2-tpm2_import.o tools/tpm2-t pm2_incrementalselftest.o tools/tpm2-tpm2_load.o tools/tpm2-tpm2_loadexternal.o tools/tpm2-tpm2_makecredential.o tools/tpm2-tpm2_nvdefine.o tools/tpm2-tpm2_nvextend.o tools/tpm2-tpm2_nvincrement.o tools/tpm2-tpm2_nvreadpublic.o tools/tpm2-tpm2_nvread.o tools/tpm2-tpm2_nvreadlock.o tools/tpm2-tpm2_nvundefine.o tools/tpm2-tpm2_nvwrite.o tools/tpm2-tpm2_nvwritelock.o tools/tpm2-tpm2_nvsetbits.o tools/tpm2-tpm2_pcrallocate.o tools/tpm2-tpm2_pcrevent.o tools/tpm2-tpm2_pcrextend.o tools/tpm2-tpm2_pcrread.o tools/tpm2-tpm2_pcrreset.o tools/tpm2-tpm2_policypcr.o tools/tpm2-tpm2_policyauthorize.o tools/tpm2-tpm2_policyauthorizenv.o tools/tpm2-tpm2_policynv.o tools/tpm2-tpm2_policycountertimer.o tools/tpm2-tpm2_policyor.o tools/tpm2-tpm2_policynamehash.o tools/tpm2-tpm2_policytemplate.o tools/tpm2-tpm2_policycphash.o tools/tpm2-tpm2_policypassword.o tools/tpm2-tpm2_policysigned.o tools/tpm2-tpm2_policyticket.o tools/tpm2-tpm2_policyauthvalue.o tools/tpm2-tpm2_policysecret.o tools/tpm2-tpm2_policyrestart.o tools/tpm2-tpm2_policycommandcode.o tools/tpm2-tpm2_policynvwritten.o tools/tpm2-tpm2_policyduplicationselect.o tools/tpm2-tpm2_policylocality.o tools/tpm2-tpm2_quote.o tools/tpm2-tpm2_readclock.o tools/tpm2-tpm2_readpublic.o tools/tpm2-tpm2_rsadecrypt.o tools/tpm2-tpm2_rsaencrypt.o tools/tpm2-tpm2_send.o tools/tpm2-tpm2_selftest.o tools/tpm2-tpm2_setclock.o tools/tpm2-tpm2_shutdown.o tools/tpm2-tpm2_sign.o tools/tpm2-tpm2_certifycreation.o tools/tpm2-tpm2_nvcertify.o tools/tpm2-tpm2_startauthsession.o tools/tpm2-tpm2_startup.o tools/tpm2-tpm2_stirrandom.o tools/tpm2-tpm2_testparms.o tools/tpm2-tpm2_unseal.o tools/tpm2-tpm2_verifysignature.o tools/tpm2-tpm2_setcommandauditstatus.o tools/tpm2-tpm2_getcommandauditdigest.o tools/tpm2-tpm2_getsessionauditdigest.o tools/tpm2-tpm2_geteccparameters.o tools/tpm2-tpm2_ecephemeral.o tools/tpm2-tpm2_commit.o tools/tpm2-tpm2_ecdhkeygen.o tools/tpm2-tpm2_ecdhzgen.o tools/tpm2-tpm2_zgen2phase.o tools/tpm2-tpm2_sessionconfig.o tools/tpm2-tpm2_getpolicydigest.o lib/libcommon.a -ltss2-esys -L/usr/local/lib -ltss2-mu -lcrypto -ltss2-tctildr -ltss2-rc-ltss2-sys -lcurl ld: error: undefined symbol: EVP_sm4_cfb >>> referenced by tpm2_identity_util.c >>> libcommon_a-tpm2_identity_util.o:(aes_encrypt_buffers) in archive lib/libcommon.a ld: error: undefined symbol: EVP_sm3 >>> referenced by tpm2_openssl.c >>> libcommon_a-tpm2_openssl.o:(tpm2_openssl_md_from_tpmhalg) in archive lib/libcommon.a >>> referenced by tpm2_openssl.c >>> libcommon_a-tpm2_openssl.o:(tpm2_openssl_hash_compute_data) in archive lib/libcommon.a >>> referenced by tpm2_openssl.c >>> libcommon_a-tpm2_openssl.o:(tpm2_openssl_pcr_extend) in archive lib/libcommon.a >>> referenced 3 more times cc: error: linker command failed with exit code 1 (use -v to see invocation) gmake[1]: *** [Makefile:2474: tools/tpm2] Error 1
Maintainer informed via mail
Shall this PR be merged into the quarterly branch?
Sorry, wrong PR.
It appears the maintainer does not have a bugzilla account (at least not registered to MAINTAINER email). So the maintainer feedback request flag could not be set on this bug. Comment added to review D41802.
Created attachment 245318 [details] [patch] fix lib path used for crypto checks during configure Attached is a bug fix that works if security/openssl is installed (or not). If someone has DEFAULT_VERSIONS=ssl:openssl it will now check the lib in /usr/local during configure. Similarly if using DEFAULT_VERSIONS=ssl:base, it looks in /usr/lib during configure. No need to bump PORTREVISION - the package will not change if it has been successfully built. This just fixes a build failure that was not producing a package. Verified in poudriere with DEFAULT_VERSIONS=ssl:openssl and also with DEFAULT_VERSIONS=ssl:base. Requested maintainer approval from last committer. Maintainer does not appear to have a bugzilla account. I will add a comment in the review.
See also upstream bug report: https://github.com/tpm2-software/tpm2-tools/issues/3286
The attached patch looks ok to me. Let's use it for now if it fixes the build and I will work on an upstream patch. Thanks for fixing it.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=a4f11eab468a6e3741cb8cdced5660634917120e commit a4f11eab468a6e3741cb8cdced5660634917120e Author: John Hein <jcfyecrayz@liamekaens.com> AuthorDate: 2023-09-30 21:41:46 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-10-04 19:59:55 +0000 security/tpm2-tools: fix build if security/openssl is installed If someone has DEFAULT_VERSIONS=ssl:openssl it will now check the lib in /usr/local during configure. Similarly if using DEFAULT_VERSIONS=ssl:base, it looks in /usr/lib during configure. PR: 274013 Approved by: tstruk@gmail.com (maintainer) MFH: 2023Q4 security/tpm2-tools/Makefile | 1 + security/tpm2-tools/files/patch-configure (new) | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+)
A commit in branch 2023Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=61b5d46f2faf578738ba2a4539b95adf0615dac2 commit 61b5d46f2faf578738ba2a4539b95adf0615dac2 Author: John Hein <jcfyecrayz@liamekaens.com> AuthorDate: 2023-09-30 21:41:46 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-10-04 20:04:13 +0000 security/tpm2-tools: fix build if security/openssl is installed If someone has DEFAULT_VERSIONS=ssl:openssl it will now check the lib in /usr/local during configure. Similarly if using DEFAULT_VERSIONS=ssl:base, it looks in /usr/lib during configure. PR: 274013 Approved by: tstruk@gmail.com (maintainer) MFH: 2023Q4 (cherry picked from commit a4f11eab468a6e3741cb8cdced5660634917120e) security/tpm2-tools/Makefile | 1 + security/tpm2-tools/files/patch-configure (new) | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+)