Created attachment 197419 [details] Patch for cyrus-sasl2-saslauthd enabling openssl 1.1.0 build Please find enclosed the patch for security/cyrus-sasl2 to enable saslauthd to build with openssl 1.1.0i on FreeBSD 11.2-STABLE r338612M. There is already a patch in /usr/ports/security/cyrus-sasl2/files/ called patch-saslauthd_lak.c I've moved this file to patch-saslauthd_lak2.c and added the patch from https://build.opensuse.org/package/view_file/network/cyrus-sasl-saslauthd/cyrus-sasl-2.1.27-openssl-1.1.0.patch?expand=1 naming it patch-saslauthd_lak2.c simply to preserve line numbering. They could easily be merged, but that's a maintainers call. Note: This new patch needs to be applied to /usr/ports/security/cyrus-sasl2/files/ and not /usr/ports/security/cyrus-sasl2-saslauthd/files/
A commit references this bug: Author: ume Date: Mon Sep 24 12:46:13 UTC 2018 New revision: 480605 URL: https://svnweb.freebsd.org/changeset/ports/480605 Log: Add OpenSSL 1.1.0 support for saslauthd. There are the patches to support OpenSSL 1.1.0 in cyrus-sasl2 port, already. But, it was incomplete for saslauthd. PR: 231647 Submitted by: dewayne [...] heuristicsystems.com.au (with some modifications) Changes: head/security/cyrus-sasl2/files/patch-saslauthd_lak.c
Thank you for the info. Though it seemed buildable without your patch, it was inpomplete. However, your patch was still imcomplete. So, I made the patch from cyrus-sasl-2.1.27-rc8, then committed it.
(In reply to Hajimu UMEMOTO from comment #2) Excellent :) Thank-you for addressing. (One small step for openssl, one giant leap for Cyrus)
(In reply to dewayne from comment #3) Unfortunately I didn't think this through. The patch works nicely for openssl 1.1.0, and probably 1.1.1. However it does break openssl 1.0.2p and probably what is in FreeBSD 11.x base, with lak.o: In function `lak_check_hashed': lak.c:(.text+0xb9c): undefined reference to `EVP_MD_CTX_new' lak.c:(.text+0xbab): undefined reference to `EVP_ENCODE_CTX_new' lak.c:(.text+0xc37): undefined reference to `EVP_ENCODE_CTX_free' lak.c:(.text+0xc97): undefined reference to `EVP_MD_CTX_free' lak.c:(.text+0xd0d): undefined reference to `EVP_ENCODE_CTX_free' lak.c:(.text+0xd1a): undefined reference to `EVP_MD_CTX_free' lak.c:(.text+0xd41): undefined reference to `EVP_ENCODE_CTX_free' collect2: error: ld returned 1 exit status *** Error code 1 I think we need a conditional in the Makefile to enable the patch if the builder wants to use openssl 1.1.0 or later. Aside: As I build for other destinations relying upon what I have installed on the build machine is not a valid test :(
It is strange to me. Sorry but I could not reproduce your problem. I confirmed that it could build with either ssl=openssl-devel, ssl=openssl or ssl=base on 11.2-STABLE and 11.2-RELEASE boxes without any problem.
(In reply to Hajimu UMEMOTO from comment #5) Yes it surprised me too - that it worked, until I turned off ccache. Perhaps you have ccache running?
No, I'm not using ccache.
Poudriere jail 11.2-RELEASE. Getting exactly the same error as dewayne. Haven't changed the default openssl version, so I'm at openssl=base.
It was happen when the OPENLDAP option is enabled. It should be fixed now. Please try it.
Confirmed, my poudriere builds on 10.4 and 11.2 no longer break. Much obliged!
(In reply to Hajimu UMEMOTO from comment #9) Thank-you - a good patch. I'll advise Bernard as he may wish to apply against other ports that are experiencing this problem.