Bug 198315

Summary: net/relayd does not work with ssl services
Product: Ports & Packages Reporter: jjasen
Component: Individual Port(s)Assignee: freebsd-ports-bugs (Nobody) <ports-bugs>
Status: Closed Overcome By Events    
Severity: Affects Many People CC: koue, lwhsu, markj, w.schwarzenfeld
Priority: --- Flags: koue: maintainer-feedback+
Version: Latest   
Hardware: Any   
OS: Any   

Description jjasen 2015-03-05 14:45:30 UTC 
in FreeBSD 10,0, relayd-5.5.20140810_1 does not work, when configured to check ssl or for https.

Here's a basic configuration to demonstrate the issue:

table <relay-www> {    \
  172.16.4.1
}

redirect http {
        listen on 10.0.0.244 tcp port 80 
        forward to <relay-www> port 80  \
         check http "/index.html" host www.FOO.org code 200 \
          mode roundrobin 
}

redirect https {
        listen on 10.0.0.244 tcp port 443 
        forward to <relay-www> port 443  \
         check https "/index.html" host www.FOO.org code 200 \
          mode roundrobin
}

relayctl show hosts will show the following:

2       table           relay-www:80                            active (2 hosts)
2       host            172.16.4.1                      98.56%  up
                        total: 137/139 checks

3       table           relay-www:443                           empty
4       host            172.16.4.1                      0.00%   down
                        total: 0/139 checks, error: ssl connect failed
Comment 1 jjasen 2015-03-06 13:41:00 UTC 
This appears to be related to using the OPENSSL libraries in the FreeBSD OS installation, versus in ports/packages.

Specifically, I installed ports, put the following in /etc/make.conf:

WITH_OPENSSL_PORT=yes
security_openssl_UNSET=SSL2

and ensured that WITH_OPENSSL=yes was in /usr/ports/net/relayd/Makefile

The results are now as expected:

2       table           relay-www:80                            active (2 hosts)
2       host            172.16.4.1                      100.00% up
                        total: 41/41 checks

3       table           relay-www:443                           active (2 hosts)
4       host            172.16.4.1                      100.00% up
                        total: 41/41 checks
Comment 2 Walter Schwarzenfeld 2018-01-11 19:22:19 UTC 
10.0 is gone. Are there same problems on  later FreeBSD-versions?

No maintainer feedback till now!
Comment 3 Martin Matuska freebsd_committer freebsd_triage 2019-03-18 22:48:59 UTC 
I give up maintaining this port.
Comment 4 Li-Wen Hsu freebsd_committer freebsd_triage 2020-06-16 22:56:08 UTC 
Over to new maintainer.

jjasen: is this still an issue in 11 and 12?
Comment 5 jjasen 2022-12-16 13:41:42 UTC 
I've not had the opportunity to test it. We can probably close this.
Comment 6 Nikola Kolev 2024-01-21 21:59:18 UTC 
I believe the ticket could be closed as obsolete. net/relayd has new maintainer and newer version.
Comment 7 Mark Johnston freebsd_committer freebsd_triage 2024-04-09 15:04:24 UTC 
Close per the last couple of comments.  relayd's been updated substantially since the report was submitted.