Bug 274494 - databases/mariadb106: fix build with LibreSSL
Summary: databases/mariadb106: fix build with LibreSSL
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-ports-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-10-15 13:25 UTC by Ivan Rozhuk
Modified: 2024-03-19 17:17 UTC (History)
3 users (show)

See Also:

Attachments
patch (2.35 KB, patch)
2023-10-15 13:25 UTC, Ivan Rozhuk 		rozhuk.im: maintainer-approval?
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ivan Rozhuk 2023-10-15 13:25:37 UTC 
Created attachment 245639 [details]
patch

Same for 10.11.5:

FAILED: mysys_ssl/CMakeFiles/mysys_ssl.dir/openssl.c.o 
/usr/local/libexec/ccache/cc -DHAVE_CONFIG_H -DHAVE_OPENSSL -I/tmp/ports/usr/ports/databases/mariadb1011-client/work/mariadb-10.11.5/include -I/tmp/ports/usr/ports/databases/mariadb1011-client/work/mariadb-10.11.5/include/providers -I/tmp/ports/usr/ports/databases/mariadb1011-client/work/mariadb-10.11.5/mysys_ssl -I/usr/local/include -O2 -pipe -O3 -pipe -funroll-loops -mretpoline -fno-delete-null-pointer-checks  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -fdebug-prefix-map=/tmp/ports/usr/ports/databases/mariadb1011-client/work/mariadb-10.11.5=. -fstack-protector --param=ssp-buffer-size=4 -O2 -pipe -O3 -pipe -funroll-loops -mretpoline -fno-delete-null-pointer-checks  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -fdebug-prefix-map=/tmp/ports/usr/ports/databases/mariadb1011-client/work/mariadb-10.11.5=. -DNDEBUG -D_FORTIFY_SOURCE=2 -DDBUG_OFF -std=gnu99   -I/usr/local/include -isystem /usr/local/include -fPIC -MD -MT mysys_ssl/CMakeFiles/mysys_ssl.dir/openssl.c.o -MF mysys_ssl/CMakeFiles/mysys_ssl.dir/openssl.c.o.d -o mysys_ssl/CMakeFiles/mysys_ssl.dir/openssl.c.o -c /tmp/ports/usr/ports/databases/mariadb1011-client/work/mariadb-10.11.5/mysys_ssl/openssl.c
mysys_ssl/openssl.c:55:33: error: incompatible function pointer types passing 'void *(size_t, const char *, int)' (aka 'void *(unsigned long, const char *, int)') to parameter of type 'void *(*)(size_t)' (aka 'void *(*)(unsigned long)') [-Wincompatible-function-pointer-types]
  if (!CRYPTO_set_mem_functions(coc_malloc, NULL, NULL))
                                ^~~~~~~~~~
/usr/local/include/openssl/crypto.h:408:38: note: passing argument to parameter 'm' here
int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t), void (*f)(void *));
                                     ^
1 error generated.
Comment 1 Bernard Spil freebsd_committer freebsd_triage 2023-10-15 17:34:57 UTC 
I expect this is an issue with conflicts in detection and use of includes/libraries at build time.

Running LibreBSD, I have LibreSSL in base and I don't encounter the issue, do you have a way to find out?
Comment 2 Ivan Rozhuk 2023-10-15 19:12:58 UTC 
(In reply to Bernard Spil from comment #1)

Strange, it should not build with libressl.
I use my patch + workaround from: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=273961


LibreSSL 3.7.3_1 includes are used, as far it have definition with 1 arg:
/usr/local/include/openssl/crypto.h:int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t), void (*f)(void *));

Base OpenSSL have definition with 3 args:
/usr/include/openssl/crypto.h:int CRYPTO_set_mem_functions(
        void *(*m) (size_t, const char *, int),
        void *(*r) (void *, size_t, const char *, int),
        void (*f) (void *, const char *, int));

Maria defines:
/* OpenSSL version specific definitions */
#if defined(OPENSSL_VERSION_NUMBER)

#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
	!(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x30500000L)
#define HAVE_OPENSSL11 1

Next if HAVE_OPENSSL11 defined than it build code to call CRYPTO_set_mem_functions().

So it is 100% that LibreSSL includes used.


If I do replace to
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
	!(defined(LIBRESSL_VERSION_NUMBER))
and HAVE_OPENSSL11 is undefined then another error happen:
...
FAILED: vio/CMakeFiles/vio.dir/viosslfactories.c.o 
/usr/local/libexec/ccache/cc -DHAVE_CONFIG_H -DHAVE_OPENSSL -I/tmp/ports/usr/ports/databases/mariadb106-client/work/mariadb-10.6.15/include -I/usr/local/include -O2 -pipe -O3 -pipe -funroll-loops -mretpoline -fno-delete-null-pointer-checks  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -fdebug-prefix-map=/tmp/ports/usr/ports/databases/mariadb106-client/work/mariadb-10.6.15=. -fstack-protector --param=ssp-buffer-size=4 -O2 -pipe -O3 -pipe -funroll-loops -mretpoline -fno-delete-null-pointer-checks  -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing  -fdebug-prefix-map=/tmp/ports/usr/ports/databases/mariadb106-client/work/mariadb-10.6.15=. -DNDEBUG -D_FORTIFY_SOURCE=2 -DDBUG_OFF -std=gnu99   -I/usr/local/include -isystem /usr/local/include -fPIC -MD -MT vio/CMakeFiles/vio.dir/viosslfactories.c.o -MF vio/CMakeFiles/vio.dir/viosslfactories.c.o.d -o vio/CMakeFiles/vio.dir/viosslfactories.c.o -c /tmp/ports/usr/ports/databases/mariadb106-client/work/mariadb-10.6.15/vio/viosslfactories.c
In file included from vio/viosslfactories.c:17:
In file included from vio/vio_priv.h:25:
In file included from include/my_sys.h:28:
include/m_ctype.h:47:23: warning: redefinition of typedef 'ulong' is a C11 feature [-Wtypedef-redefinition]
typedef unsigned long ulong;
                      ^
include/my_global.h:891:23: note: previous definition is here
typedef unsigned long   ulong;            /* Short for unsigned long */
                        ^
vio/viosslfactories.c:67:17: error: incomplete definition of type 'struct dh_st'
            || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/ssl_compat.h:78:45: note: expanded from macro 'DH_set0_pqg'
#define DH_set0_pqg(D,P,Q,G)            ((D)->p= (P), (D)->g= (G))
                                         ~~~^
/usr/local/include/openssl/ossl_typ.h:132:16: note: forward declaration of 'struct dh_st'
typedef struct dh_st DH;
               ^
vio/viosslfactories.c:67:17: error: incomplete definition of type 'struct dh_st'
            || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/ssl_compat.h:78:58: note: expanded from macro 'DH_set0_pqg'
#define DH_set0_pqg(D,P,Q,G)            ((D)->p= (P), (D)->g= (G))
                                                      ~~~^
/usr/local/include/openssl/ossl_typ.h:132:16: note: forward declaration of 'struct dh_st'
typedef struct dh_st DH;
               ^
1 warning and 2 errors generated.
...



....
/*
  The check is only done for OpenSSL 1.1.x.
  It could run for OpenSSL 1.0.x but it doesn't make much sense
  and it hits this bug:
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1594748
*/

#ifndef HAVE_OPENSSL11
int check_openssl_compatibility()
{
  return 0;
}
#else
... here code that was fixed by attached patch...


check_openssl_compatibility() - always build by CMake, and called by runtime:
...
#ifdef HAVE_OPENSSL
  if (check_openssl_compatibility())
  {
    sql_print_error("Incompatible OpenSSL version. Cannot continue...");
    exit(1);
  }
#endif
...


Is it possible that you some how build without OpenSSL support or with WolfSSL as cryptoengine?
(sorry for long and mess post, there is no formatting features)