Bug 229030 - security/botan110: Fails to build with OpenSSL 1.1
Summary: security/botan110: Fails to build with OpenSSL 1.1
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Dima Panov
Depends on:
Blocks: 228865
  Show dependency treegraph
Reported: 2018-06-14 20:20 UTC by Bernard Spil
Modified: 2018-11-22 13:26 UTC (History)
4 users (show)

See Also:
lapo: maintainer-feedback-

Fix OpenSSL 1.1.x build (9.46 KB, patch)
2018-10-15 00:38 UTC, Nathan
no flags Details | Diff
botan110.diff (7.44 KB, patch)
2018-11-05 11:09 UTC, Tobias Kortkamp
tobik: maintainer-approval? (lapo)
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Bernard Spil freebsd_committer 2018-06-14 20:20:01 UTC
> src/engine/openssl/ossl_bc.cpp:43:30: error: field has incomplete type 'EVP_CIPHER_CTX' (aka 'evp_cipher_ctx_st')

During BSDCan 2018 the intention to update OpenSSL in base to 1.1.x branch was documented.

Intention is to update 12-STABLE to current 1.1.0 and subsequently update it to 1.1.1 when that is released. The intent to update OpenSSL to 1.1 in 12 has now officially been documented in Bug #228912 

Poudriere log: https://keg.brnrd.eu/data/111amd64-default-openssl110/2018-06-11_10h42m37s/logs/errors/botan110-1.10.13_8.log
Comment 1 Nathan 2018-10-15 00:38:07 UTC
Created attachment 198160 [details]
Fix OpenSSL 1.1.x build

security/botan110: Fix OpenSSL build
 PR:             228865
 Submitted by:   Nathan <ndowens@yahoo.com>
Comment 2 Dima Panov freebsd_committer 2018-10-26 10:54:15 UTC
Comment 3 Lapo Luchini 2018-10-29 14:33:15 UTC
Botan branch 1.10.x doesn't officially support OpenSSL 1.1.

This patch, which I tested both per se and over existing 1.10.17 upgrade as per bug 222971, breaks build on 11.2/amd64 with:

src/engine/openssl/ossl_md.cpp:102:4: error: use of undeclared identifier 'EVP_MD_CTX_free'

I guess that chunk should be #ifdef-protected depending on OpenSSL version, but I didn't have the time to test my theory yet.
Comment 4 Lapo Luchini 2018-10-29 14:46:02 UTC
Yes, it does work changing the last chunk to:

@@ -95,7 +95,11 @@ EVP_HashFunction::EVP_HashFunction(const EVP_MD* algo,
-   EVP_MD_CTX_cleanup(&md);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+   EVP_MD_CTX_free(md);
+   EVP_MD_CTX_cleanup(md);

…but this means there was a change already (to require removing the "&") which I didn't track down (yet).
Comment 5 commit-hook freebsd_committer 2018-10-30 14:00:54 UTC
A commit references this bug:

Author: fluffy
Date: Tue Oct 30 14:00:32 UTC 2018
New revision: 483489
URL: https://svnweb.freebsd.org/changeset/ports/483489

  - Update to 1.10.7 release [1]
  - While here, add unofficial OpenSSL 1.1.x API support [2, based on]

  PR:		222971 [1], 229030 [2]
  Submitted by:	Ralf van der Enden [1], Nathan Dowens [2]
  Reported by:	brnrd [2]
  Approved by:	maintainer
  MFH:		2018Q4

Comment 6 Tobias Kortkamp freebsd_committer 2018-11-05 11:09:14 UTC
Created attachment 198959 [details]

As mentioned on ports-committers, the committed fix does not work and breaks
the runtime.  It leads to build failures/segfaults in dependent ports now:


Here is an attempt to fix it.  It also hooks up the test suite so that we
can sanity check changes easier in the future.
Comment 7 commit-hook freebsd_committer 2018-11-19 17:36:16 UTC
A commit references this bug:

Author: tobik
Date: Mon Nov 19 17:35:57 UTC 2018
New revision: 485334
URL: https://svnweb.freebsd.org/changeset/ports/485334

  security/botan110: Attempt to unbreak consumers with OpenSSL 1.1.1

  The OpenSSL 1.1.1 support added in ports r483489 was incomplete and
  leads to segfaults and build failures in consumers [1,2].  Amend
  the patch to actually allocate some memory.

  While here hook up the test suite.

  [1] http://beefy11.nyi.freebsd.org/data/head-i386-default/p483632_s339979/logs/bundy-0.20170618_10.log
  [2] http://beefy11.nyi.freebsd.org/data/head-i386-default/p483632_s339979/logs/monotone-1.1_13.log

  PR:		229030
  Approved by:	lapo@lapo.it (maintainer timeout, 2 weeks)
  Pointy hat:	fluffy