Hi Trying to compile stable/10 WITHOUT_OPENSSL I get multiple issues. Path: . Working Copy Root Path: /usr/src URL: https://svn0.eu.freebsd.org/base/stable/10 Relative URL: ^/stable/10 Repository Root: https://svn0.eu.freebsd.org/base Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f Revision: 268740 Node Kind: directory Schedule: normal Last Changed Author: hselasky Last Changed Rev: 268738 Last Changed Date: 2014-07-16 08:22:35 +0200 (Wed, 16 Jul 2014) openssl/ssl.h missing in multiple places in libldns In file included from /usr/src/lib/libldns/../../contrib/ldns/zone.c:11: In file included from /usr/src/lib/libldns/../../contrib/ldns/ldns/ldns.h:98: /usr/src/lib/libldns/../../contrib/ldns/ldns/dane.h:30:10: fatal error: 'openssl/ssl.h' file not found so I add WITHOUT_LDNS /usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmpcrypto.c:370:1: error: conflicting types for 'snmp_passwd_to_keys' snmp_passwd_to_keys(struct snmp_user *user, char *passwd __unused) ^ /usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmp.h:273:16: note: previous declaration is here enum snmp_code snmp_passwd_to_keys(struct snmp_user *, char *); ^ /usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmpcrypto.c:382:1: error: conflicting types for 'snmp_get_local_keys' snmp_get_local_keys(struct snmp_user *user, uint8_t *eid __unused, ^ /usr/src/lib/libbsnmp/libbsnmp/../../../contrib/bsnmp/lib/snmp.h:274:16: note: previous declaration is here enum snmp_code snmp_get_local_keys(struct snmp_user *, uint8_t *, uint32_t); ^ 2 errors generated. *** [snmpcrypto.So] Error code 1 so I add WITHOUT_BSNMP --- all_subdir_libfetch --- --- common.So --- cc -fpic -DPIC -O2 -pipe -I. -DINET6 -DFTP_COMBINE_CWDS -std=iso9899:1999 -Qunused-arguments -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wunused-parameter -Wcast-align -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wold-style-definition -Wmissing-variable-declarations -Wno-pointer-sign -Wno-empty-body -Wno-string-plus-int -Wno-unused-const-variable -c /usr/src/lib/libfetch/common.c -o common.So /usr/src/lib/libfetch/common.c:808:43: error: unused parameter 'URL' [-Werror,-Wunused-parameter] fetch_ssl(conn_t *conn, const struct url *URL, int verbose) ^ 1 error generated. *** [common.So] Error code 1 make[5]: stopped in /usr/src/lib/libfetch This I don't know how to solve. LDNS should be able to compile without openssl with reduced functionality.
This is the same bug but in current/10. http://lists.freebsd.org/pipermail/freebsd-current/2014-June/050598.html
patch below will allow you to continue further, but I'm afraid your quest for base system without openssl is going to be hard. Index: lib/libfetch/common.c =================================================================== --- lib/libfetch/common.c (revision 273965) +++ lib/libfetch/common.c (working copy) @@ -888,6 +888,7 @@ return (0); #else (void)conn; + (void)URL; (void)verbose; fprintf(stderr, "SSL support disabled\n"); return (-1);
Looks like it's easy to link libfetch to port's OpenSSL. NB. Have NOT tested if this is functional! --- lib/libfetch/Makefile.orig 2015-04-01 20:26:51.215998490 +0200 +++ lib/libfetch/Makefile 2015-04-01 20:26:32.724999161 +0200 @@ -17,7 +17,7 @@ .if ${MK_OPENSSL} != "no" CFLAGS+= -DWITH_SSL DPADD= ${LIBSSL} ${LIBCRYPTO} -LDADD= -lssl -lcrypto +LDADD= -L/usr/local/lib -lssl -lcrypto .else DPADD= ${LIBMD} LDADD= -lmd Results in # readelf -d /usr/obj/usr/src/lib/libfetch/libfetch.so.6 Dynamic section at offset 0x110b0 contains 24 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libssl.so.32] 0x0000000000000001 (NEEDED) Shared library: [libcrypto.so.32] 0x0000000000000001 (NEEDED) Shared library: [libc.so.7] 0x000000000000000e (SONAME) Library soname: [libfetch.so.6]
I have the same problem here, libfetch disallows a non-OpenSSL buildworld. I am not a programmer, but I assume than SSL is hardcoded in the sources: cc -O2 -pipe -I. -DINET6 -DFTP_COMBINE_CWDS -std=iso9899:1999 -Qunused-arguments -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wunused-parameter -Wcast-align -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wold-style-definition -Wmissing-variable-declarations -Wno-pointer-sign -Wno-empty-body -Wno-string-plus-int -Wno-unused-const-variable -c /usr/src/lib/libfetch/common.c -o common.o /usr/src/lib/libfetch/common.c:809:43: error: unused parameter 'URL' [-Werror,-Wunused-parameter] fetch_ssl(conn_t *conn, const struct url *URL, int verbose) ^ 1 error generated. *** Error code 1
Bernhards patch does not work here, same error. But I am trying to use LibreSSL instead of OpenSSL.
WITHOUT_OPENSSL is currently broken afaik. There are ways to get a kernel/world without OpenSSL... Check this link http://bsdxbsdx.blogspot.nl/2015/04/build-packages-in-poudriere-without.html WITHOUT_LDNS=yes WITHOUT_LDNS_UTILS=yes WITHOUT_PKGBOOTSTRAP=yes WITHOUT_SVNLITE=yes
Thank you VERY much, it has worked. Now my system is OpenSSL free. :-)
My OpenSSL free 10.1-REPEASE-p17 worked great. But now this bug reappeared in 10.2-RELEASE-p2, it has even gotten worse. ===> usr.sbin/crashinfo (depend) ===> usr.sbin/cron (depend) ===> usr.sbin/cron/lib (depend) ===> usr.sbin/cron/cron (depend) ===> usr.sbin/cron/crontab (depend) ===> usr.sbin/crunch (depend) ===> usr.sbin/crunch/crunchgen (depend) ===> usr.sbin/crunch/crunchide (depend) ===> usr.sbin/ctladm (depend) ===> usr.sbin/ctld (depend) rm -f .depend CC='cc ' mkdep -f .depend -a -I/usr/src/usr.sbin/ctld -I/usr/src/usr.sbin/ctld/../../sys -I/usr/src/usr.sbin/ctld/../../sys/cam/ctl -I/usr/src/usr.sbin/ctld/../../sys/dev/iscsi -std=gnu99 /usr/src/usr.sbin/ctld/chap.c /usr/src/usr.sbin/ctld/ctld.c /usr/src/usr.sbin/ctld/discovery.c /usr/src/usr.sbin/ctld/isns.c /usr/src/usr.sbin/ctld/kernel.c /usr/src/usr.sbin/ctld/keys.c /usr/src/usr.sbin/ctld/log.c /usr/src/usr.sbin/ctld/login.c parse.c /usr/src/usr.sbin/ctld/pdu.c token.c /usr/src/usr.sbin/ctld/chap.c:38:10: fatal error: 'openssl/err.h' file not found #include <openssl/err.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/ctld.c:52: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/discovery.c:43: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/isns.c:50: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/kernel.c:70: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/keys.c:39: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/log.c:42: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/login.c:43: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/parse.y:42: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/pdu.c:42: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. In file included from /usr/src/usr.sbin/ctld/token.l:37: /usr/src/usr.sbin/ctld/ctld.h:42:10: fatal error: 'openssl/md5.h' file not found #include <openssl/md5.h> ^ 1 error generated. mkdep: compile failed *** Error code 1 Stop. make[4]: stopped in /usr/src/usr.sbin/ctld *** Error code 1 Stop. make[3]: stopped in /usr/src/usr.sbin *** Error code 1 Stop. make[2]: stopped in /usr/src *** Error code 1 Stop. make[1]: stopped in /usr/src *** Error code 1 Stop. make: stopped in /usr/src [root@fb64 /usr/src]#
Created attachment 165331 [details] svn diff for share/mk/src.opts.mk I believe this fixes a number of the WITHOUT_OPENSSL issues where the dependency has not been registered in the build framework
*** Bug 201509 has been marked as a duplicate of this bug. ***
*** Bug 182977 has been marked as a duplicate of this bug. ***
This bug still exists in 10.3-RELEASE-p2.
This bug still exists in 11.0-RELEASE-p2.
This bug still exists in 11-STABLE.
To submitter: ist his aging PR still relevant for recent FreeBSD branches?
(In reply to Mark Linimon from comment #15) Alas, I have since abandoned this perilous quest. =) I was surprised to see this PR was still alive. So as far as I'm concerned this PR can be closed or inherited by someone else who's currently seeks to be OpenSSL-free.