Bug 191951 - [build] stable/10 with WITHOUT_OPENSSL not compiling multiple issues
Summary: [build] stable/10 with WITHOUT_OPENSSL not compiling multiple issues
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: misc (show other bugs)
Version: 10.0-STABLE
Hardware: Any Any
: --- Affects Some People
Assignee: Mark Linimon
URL:
Keywords:
: 182977 201509 (view as bug list)
Depends on: 164208 164209 164210
Blocks:
  Show dependency treegraph
 
Reported: 2014-07-18 12:34 UTC by David Wahlund
Modified: 2020-07-12 20:57 UTC (History)
7 users (show)

See Also:


Attachments
svn diff for share/mk/src.opts.mk (412 bytes, patch)
2016-01-09 21:07 UTC, Bernard Spil
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description David Wahlund 2014-07-18 12:34:48 UTC
Hi
Trying to compile stable/10 WITHOUT_OPENSSL I get multiple issues.

Path: .
Working Copy Root Path: /usr/src
URL: https://svn0.eu.freebsd.org/base/stable/10
Relative URL: ^/stable/10
Repository Root: https://svn0.eu.freebsd.org/base
Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Revision: 268740
Node Kind: directory
Schedule: normal
Last Changed Author: hselasky
Last Changed Rev: 268738
Last Changed Date: 2014-07-16 08:22:35 +0200 (Wed, 16 Jul 2014)

openssl/ssl.h missing in multiple places in libldns

In file included from /usr/src/lib/libldns/../../contrib/ldns/zone.c:11:
In file included from /usr/src/lib/libldns/../../contrib/ldns/ldns/ldns.h:98:
/usr/src/lib/libldns/../../contrib/ldns/ldns/dane.h:30:10: fatal error: 'openssl/ssl.h' file not found


so I add WITHOUT_LDNS

/usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmpcrypto.c:370:1: error: conflicting types for 'snmp_passwd_to_keys'
snmp_passwd_to_keys(struct snmp_user *user, char *passwd __unused)
^
/usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmp.h:273:16: note: previous declaration is here
enum snmp_code snmp_passwd_to_keys(struct snmp_user *, char *);
               ^
/usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmpcrypto.c:382:1: error: conflicting types for 'snmp_get_local_keys'
snmp_get_local_keys(struct snmp_user *user, uint8_t *eid __unused,
^
/usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmp.h:274:16: note: previous declaration is here
enum snmp_code snmp_get_local_keys(struct snmp_user *, uint8_t *, uint32_t);
               ^
2 errors generated.
*** [snmpcrypto.So] Error code 1


so I add WITHOUT_BSNMP

--- all_subdir_libfetch ---
--- common.So ---
cc  -fpic -DPIC  -O2 -pipe  -I. -DINET6 -DFTP_COMBINE_CWDS -std=iso9899:1999 -Qunused-arguments  -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wunused-parameter -Wcast-align -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wold-style-definition -Wmissing-variable-declarations -Wno-pointer-sign -Wno-empty-body -Wno-string-plus-int -Wno-unused-const-variable -c /usr/src/lib/libfetch/common.c -o common.So
/usr/src/lib/libfetch/common.c:808:43: error: unused parameter 'URL' [-Werror,-Wunused-parameter]
fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
                                          ^
1 error generated.
*** [common.So] Error code 1

make[5]: stopped in /usr/src/lib/libfetch

This I don't know how to solve. LDNS should be able to compile without openssl with reduced functionality.
Comment 1 David Wahlund 2014-07-18 12:35:45 UTC
This is the same bug but in current/10.
http://lists.freebsd.org/pipermail/freebsd-current/2014-June/050598.html
Comment 2 bif 2014-11-04 00:49:30 UTC
patch below will allow you to continue further, but I'm afraid your quest for base system without openssl is going to be hard.

Index: lib/libfetch/common.c
===================================================================
--- lib/libfetch/common.c       (revision 273965)
+++ lib/libfetch/common.c       (working copy)
@@ -888,6 +888,7 @@
        return (0);
 #else
        (void)conn;
+       (void)URL;
        (void)verbose;
        fprintf(stderr, "SSL support disabled\n");
        return (-1);
Comment 3 Bernard Spil freebsd_committer 2015-04-01 18:30:28 UTC
Looks like it's easy to link libfetch to port's OpenSSL.

NB. Have NOT tested if this is functional!

--- lib/libfetch/Makefile.orig  2015-04-01 20:26:51.215998490 +0200
+++ lib/libfetch/Makefile       2015-04-01 20:26:32.724999161 +0200
@@ -17,7 +17,7 @@
 .if ${MK_OPENSSL} != "no"
 CFLAGS+=       -DWITH_SSL
 DPADD=         ${LIBSSL} ${LIBCRYPTO}
-LDADD=         -lssl -lcrypto
+LDADD=         -L/usr/local/lib -lssl -lcrypto
 .else
 DPADD=         ${LIBMD}
 LDADD=         -lmd

Results in

# readelf -d /usr/obj/usr/src/lib/libfetch/libfetch.so.6

Dynamic section at offset 0x110b0 contains 24 entries:
  Tag        Type                         Name/Value
 0x0000000000000001 (NEEDED)             Shared library: [libssl.so.32]
 0x0000000000000001 (NEEDED)             Shared library: [libcrypto.so.32]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.7]
 0x000000000000000e (SONAME)             Library soname: [libfetch.so.6]
Comment 4 oz42 2015-06-03 14:20:29 UTC
I have the same problem here, libfetch disallows a non-OpenSSL buildworld.

I am not a programmer, but I assume than SSL is hardcoded in the sources:

cc  -O2 -pipe   -I. -DINET6 -DFTP_COMBINE_CWDS -std=iso9899:1999 -Qunused-arguments  -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wunused-parameter -Wcast-align -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wold-style-definition -Wmissing-variable-declarations -Wno-pointer-sign -Wno-empty-body -Wno-string-plus-int -Wno-unused-const-variable -c /usr/src/lib/libfetch/common.c -o common.o
/usr/src/lib/libfetch/common.c:809:43: error: unused parameter 'URL' [-Werror,-Wunused-parameter]
fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
                                          ^
1 error generated.
*** Error code 1
Comment 5 oz42 2015-06-03 14:24:06 UTC
Bernhards patch does not work here, same error. But I am trying to use LibreSSL instead of OpenSSL.
Comment 6 Bernard Spil freebsd_committer 2015-06-04 08:07:41 UTC
WITHOUT_OPENSSL is currently broken afaik. There are ways to get a kernel/world without OpenSSL... Check this link http://bsdxbsdx.blogspot.nl/2015/04/build-packages-in-poudriere-without.html

WITHOUT_LDNS=yes
WITHOUT_LDNS_UTILS=yes
WITHOUT_PKGBOOTSTRAP=yes
WITHOUT_SVNLITE=yes
Comment 7 oz42 2015-06-04 11:20:11 UTC
Thank you VERY much, it has worked. Now my system is OpenSSL free. :-)
Comment 8 oz42 2015-08-31 14:29:05 UTC
My OpenSSL free 10.1-REPEASE-p17 worked great.

But now this bug reappeared in 10.2-RELEASE-p2, it has even gotten worse.



===> usr.sbin/crashinfo (depend)
===> usr.sbin/cron (depend)
===> usr.sbin/cron/lib (depend)
===> usr.sbin/cron/cron (depend)
===> usr.sbin/cron/crontab (depend)
===> usr.sbin/crunch (depend)
===> usr.sbin/crunch/crunchgen (depend)
===> usr.sbin/crunch/crunchide (depend)
===> usr.sbin/ctladm (depend)
===> usr.sbin/ctld (depend)
rm -f .depend
CC='cc ' mkdep -f .depend -a    -I/usr/src/usr.sbin/ctld -I/usr/src/usr.sbin/ctld/../../sys -I/usr/src/usr.sbin/ctld/../../sys/cam/ctl -I/usr/src/usr.sbin/ctld/../../sys/dev/iscsi -std=gnu99   /usr/src/usr.sbin/ctld/chap.c /usr/src/usr.sbin/ctld/ctld.c /usr/src/usr.sbin/ctld/discovery.c /usr/src/usr.sbin/ctld/isns.c /usr/src/usr.sbin/ctld/kernel.c /usr/src/usr.sbin/ctld/keys.c /usr/src/usr.sbin/ctld/log.c /usr/src/usr.sbin/ctld/login.c parse.c /usr/src/usr.sbin/ctld/pdu.c token.c
/usr/src/usr.sbin/ctld/chap.c:38:10: fatal error: 'openssl/err.h' file not found
#include <openssl/err.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/ctld.c:52:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/discovery.c:43:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/isns.c:50:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/kernel.c:70:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/keys.c:39:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/log.c:42:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/login.c:43:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/parse.y:42:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/pdu.c:42:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
In file included from /usr/src/usr.sbin/ctld/token.l:37:
/usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found
#include <openssl/md5.h>
         ^
1 error generated.
mkdep: compile failed
*** Error code 1

Stop.
make[4]: stopped in /usr/src/usr.sbin/ctld
*** Error code 1

Stop.
make[3]: stopped in /usr/src/usr.sbin
*** Error code 1

Stop.
make[2]: stopped in /usr/src
*** Error code 1

Stop.
make[1]: stopped in /usr/src
*** Error code 1

Stop.
make: stopped in /usr/src
[root@fb64 /usr/src]#
Comment 9 Bernard Spil freebsd_committer 2016-01-09 21:07:31 UTC
Created attachment 165331 [details]
svn diff for share/mk/src.opts.mk

I believe this fixes a number of the WITHOUT_OPENSSL issues where the dependency has not been registered in the build framework
Comment 10 Bernard Spil freebsd_committer 2016-01-09 21:12:09 UTC
*** Bug 201509 has been marked as a duplicate of this bug. ***
Comment 11 Bernard Spil freebsd_committer 2016-01-09 21:12:40 UTC
*** Bug 182977 has been marked as a duplicate of this bug. ***
Comment 12 olaf 2016-05-09 12:39:00 UTC
This bug still exists in 10.3-RELEASE-p2.
Comment 13 olaf 2016-10-31 12:34:18 UTC
This bug still exists in 11.0-RELEASE-p2.
Comment 14 Dries Michiels 2018-01-07 21:37:56 UTC
This bug still exists in 11-STABLE.
Comment 15 Mark Linimon freebsd_committer freebsd_triage 2020-07-12 16:51:40 UTC
To submitter: ist his aging PR still relevant for recent FreeBSD branches?
Comment 16 David Wahlund 2020-07-12 20:57:27 UTC
(In reply to Mark Linimon from comment #15)
Alas, I have since abandoned this perilous quest. =) I was surprised to see this PR was still alive. So as far as I'm concerned this PR can be closed or inherited by someone else who's currently seeks to be OpenSSL-free.