Hello, I have exactly the same problem with lang/swi-pl both on baremetal machine and on one running in VirtualBox, they are in different networks (baremetal one has IPv6 and the real IPv4; VirtualBox one is IPv4 only via NAT). I run FreeBSD 13.2-p4, the latest lang/swi-pl from ports. ❯ swipl --version SWI-Prolog version 9.0.4 for amd64-freebsd The problem: ?- pack_list(foo). % Contacting server at https://www.swi-prolog.org/pack/query ... ERROR: SSL(1416F086) tls_process_server_certificate: certificate verify failed ERROR: In: ERROR: [21] throw(error(ssl_error('1416F086','SSL routines',tls_process_server_certificate,'certificate verify failed'),_420)) ERROR: [19] catch(http:http_protocol_hook(https,...,<stream>(0xf3fb00,0xf3fc00),_474,...),error(ssl_error('1416F086','SSL routines',tls_process_server_certificate,'certificate verify failed'),_482),http_open:(...,...)) at /usr/local/lib/swipl/boot/init.pl:565 ERROR: [18] http_open:try_http_proxy(direct,[uri('https://www.swi-prolog.org/pack/query'),...|...],_538,'<garbage_collected>') at /usr/local/lib/swipl/library/http/http_open.pl:493 ERROR: [16] <meta call> ERROR: [15] sig_atomic(prolog_pack:http_open('https://www.swi-prolog.org/pack/query',_616,...)) <foreign> ERROR: [14] setup_call_catcher_cleanup('<garbage_collected>',prolog_pack:read_reply(_658,_660,_662),_646,prolog_pack:close(_672)) at /usr/local/lib/swipl/boot/init.pl:678 ERROR: [12] prolog_pack:query_pack_server('<garbage_collected>',_704,[]) at /usr/local/lib/swipl/library/prolog_pack.pl:1587 ERROR: [11] prolog_pack:pack_search(foo) at /usr/local/lib/swipl/library/prolog_pack.pl:384 ERROR: [9] toplevel_call('<garbage_collected>') at /usr/local/lib/swipl/boot/toplevel.pl:1173 ERROR: ERROR: Note: some frames are missing due to last-call optimization. ERROR: Re-run your program in debug mode (:- debug.) to get more detail. I must say it works as expected with both Windows (which hosts VirtualBox) and Ubuntu Linux.
During the "recent" porting of swipl 7.x (a couple of years ago), one issue related to uuid's was solved by utilizing the fbsd uuid library which, as I recall, has functions matching what is used in the rather simple swipl-uuid package. I suspect this patch was carried over to swipl V9. Uuid's were the only spot in which I had to get a bit creative. Unfortunately this fbsd library doesn't seem to be 100% compatible, and I suspect it causes the pengine test case to fail... and perhaps even causes the symptoms below!? I'm sorry my time is quite limited these days, though I still intend to look into it at some point.
I'm clearly missing something. sorry. How this bug is related to uuid? Maybe I should mention that `pack_install` is broken as well, obviously, and it did work "recently" (= this year, or maybe even after the summer).
Judging by the date of pack downloaded file, it worked on May 1st.
(In reply to Alexey Vyskubov from comment #2) I'm not arguing this to be true, only that uuid's might serve as a dependency of whatever you are doing, and this is the only workaround I remember making back in the day. If your stuff used to work a few months ago, uuid's probably aren't to blame. Looking at the history of swipl, I notice that the upgrade to 9.0.4 happened around that time (beginning of May), so perhaps!? I was unable to participate in the porting of 9.0.4, so don't know much about it.
(In reply to Nikolaj Thygesen from comment #4) Nikolaj, I suspect uuid has nothing to do with Alexey's problem. Alexey, would you confirm the openssl version that you're linking to please? $ which openssl; $ openssl version (I suspect 1.1.1w is in base, but if you're linking to port openssl then that should be 3.0.? depending on when you updated, which may be part of the problem) Also there were some recent changes regarding the placement of certificates, you might need to check the location of the certificates that you're trying to use. I don't recall which version of FreeBSD it is, but changes were made for or due to use of certctl - this may (?) affect you. Aside: uuid's were a problem for me way back in 7.x so I commented them out in the Makefile. When the external library for ossp-uuid is missing, swipl will use its internal uuid software, which provides uuid type version 4 only. The swipl library(uuid) with misc/ossp-uuid generates types 1 to 5, though types 3 and 5 are incomplete (an implementation issue).
I did not have securiy/openssl installed. Installing it and recompiling lang/swi-pl fixed the problem on baremetal machine. I'll go try in VirtualBox now.
Okay, it has nothing to do with security/openssl installation, and it works the same way on baremetal and in VirtualBox: - pkg install lang/swi-pl => certificate problems - compilation in /usr/ports/lang/swi-pl => everything works So the package build is somehow broken, I suppose. Could the culprit be in 931da8d47263e27157fbd40b6547a6ebc2281276?
And if it still matters, openssl is in /usr/bin and is OpenSSL 1.1.1t-freebsd 7 Feb 2023