Bug 259688
| Summary: | databases/memcached: 1.6.12 fails to build with ssl=libressl: error: use of undeclared identifier 'TLS1_3_VERSION' | ||
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | lysfjord.daniel |
| Component: | Individual Port(s) | Assignee: | Steve Wills <swills> |
| Status: | Closed FIXED | ||
| Severity: | Affects Some People | CC: | brnrd, swills |
| Priority: | --- | Keywords: | needs-qa |
| Version: | Latest | Flags: | koobs:
maintainer-feedback?
(brnrd) koobs: maintainer-feedback? (swills) koobs: merge-quarterly? |
| Hardware: | Any | ||
| OS: | Any | ||
| Attachments: | |||
Is this issue reproducible (same or different build issue), with any other ssl= values ? (In reply to Kubilay Kocak from comment #1) Builds just fine with openssl when commenting out the line DEFAULT_VERSIONS+= ssl=libressl from make.conf (In reply to Kubilay Kocak from comment #1) Also builds just fine with DEFAULT_VERSIONS+= ssl=openssl (aka. from ports) (In reply to Kubilay Kocak from comment #1) Also builds fine with DEFAULT_VERSIONS+= ssl=libressl-devel. I guess they have implemented the public interfaces for TLS1.3 in version 3.4. Created attachment 229345 [details]
patch for tls.c to check if LIBRESSL_VERSION is above 3.4, else disable TLS1.3
Created attachment 229346 [details]
patch for memcached.c to check if LIBRESSL_VERSION is above 3.4, else disable TLS1.3
Added patches for tls.c and memcached.c to check for LIBRESSL_VERSION >= 3040000fL (this version number might not be the correct one, but, sometime during 3.4 they added the public interfaces for TLS1_3).. (In reply to lysfjord.daniel from comment #7) Thanks, I'll try to take a look and commit these soon. In the mean time, can you please send these upstream as well? Upstream tends to be fairly responsive. https://github.com/memcached/memcached Thanks Just when I'm about to update security/libressl to 3.4.1... (In reply to Steve Wills from comment #8) Again, the version supplied in the patches might not be the correct ones.. I haven't checked the libressl patches to find *when* they implemented this.. I guess 3040100fL works, as that's what libressl-devel is currently at. Fix incoming from upstream. Created attachment 229384 [details]
patch for tls.c, checking if TLS1_3_VERSION is defined before enabling it
Created attachment 229385 [details]
patch for memcached.c, checking if TLS1_3_VERSION is defined before enabling it
(In reply to Bernard Spil from comment #9) Thanks, now exim is broken instead:) Fix labeled merged/fixed for next, but still not merged.. https://github.com/memcached/memcached/pull/834 Fixed in 1.6.13 according to upstream. Will close this as soon as I see 1.6.13 in ports. Version 1.6.14 committed: https://cgit.freebsd.org/ports/commit/?id=a0aac5cb53fde052c66c46504a6cea4065664a17 |
Created attachment 229337 [details] poudriere build log for databases/memcached-1.6.12 As per summary, the compile failes with the following lines: memcached.c:4020:59: error: use of undeclared identifier 'TLS1_3_VERSION' ssl_proto_text(TLS1_2_VERSION), ssl_proto_text(TLS1_3_VERSION)); ^ memcached.c:5418:52: error: use of undeclared identifier 'TLS1_3_VERSION' settings.ssl_min_version = TLS1_3_VERSION; No surprise, as the code is having the following checks in multiple places: #if OPENSSL_VERSION_NUMBER >= 0x10101000L