Bug 218586

Summary:

net/haproxy build fails with libressl version 2.5.3

Product:

Ports & Packages

Reporter:

Filias Heidt <freebsdbugs>

Component:

Individual Port(s)

Assignee:

Dmitry Sivachenko <demon>

Status:

Closed FIXED

Severity:

Affects Some People

CC:

brnrd, dch, mike.walker, pkubaj

Priority:

---

Flags:

bugzilla: maintainer-feedback? (demon)

Version:

Latest

Hardware:

Any

OS:

Any

See Also:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218590

Attachments:

Description	Flags
svn diff for net/haproxy	brnrd: maintainer-approval?

Description Filias Heidt 2017-04-12 10:59:24 UTC

log: http://pkg.nkhosting.net/data/103x64-default-2017/2017-04-12_12h55m51s/logs/errors/haproxy-1.7.5.log

Comment 1 Dmitry Sivachenko freebsd_committer

2017-04-12 11:03:42 UTC

This was recently fixed upstream (1.8-dev1 should build fine).
You need to ask author to merge changes to 1.7 branch, because they do not apply cleanly.

Comment 2 Mike Walker 2017-04-17 13:14:59 UTC

See also bug #218637 "net/haproxy: build fails with latest LibreSSL"

This seems to be a problem with the latest version of LibreSSL (2.5.3) and is also affecting builds of www/nginx with the lua module enabled.

The following is mentioned in the LibreSSL 2.5.3 release notes [1]:

 * Moved many leaked implementation details in public structs behind opaque
   pointers.

I'm assuming there's going to have to be some upstream refactoring/cleanup of projects tickling/reading now-private internal SSL data structures 


1: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.5.3-relnotes.txt

Comment 3 Dmitry Sivachenko freebsd_committer

2017-04-17 13:22:51 UTC

Yes, my mistake, looks like it was not fixed in 1.8.
Still, someone interested in *SSL internals should work out a fix and submit it upstream.

Comment 4 Bernard Spil freebsd_committer

2017-04-19 18:22:00 UTC

Created attachment 181914 [details]
svn diff for net/haproxy

net/haproxy: Fix build with LibreSSL

  - Add defines SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB from OpenSSL 1.1
  - Add 1.6 patch from OpenBSD (last 2 chunks)

PR: 218586
Obtained from: OpenBSD

Comment 5 Dmitry Sivachenko freebsd_committer

2017-04-19 18:24:03 UTC

Any chance you submit it upstream instead (haproxy@formilux.org)?

Provided this problem is not FreeBSD-specific?

Comment 6 commit-hook freebsd_committer

2017-07-26 11:57:49 UTC

A commit references this bug:

Author: brnrd
Date: Wed Jul 26 11:57:01 UTC 2017
New revision: 446652
URL: https://svnweb.freebsd.org/changeset/ports/446652

Log:
  net/haproxy: Fix build with LibreSSL 2.5.3+

    - Add defines SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB from OpenSSL 1.1
    - Add 1.6 patch from OpenBSD (last 2 chunks)

  PR:		218586
  Obtained from:	OpenBSD

Changes:
  head/net/haproxy/files/patch-src_ssl__sock.c

Comment 7 Bernard Spil freebsd_committer

2017-07-26 11:58:47 UTC

Built locally with LibreSSL 2.5.5 and with vanilla 10.3 and 11.0 amd64 & i386 jails using poudriere.