Bug 232784 - devel/qca Latest version links against undefined OpenSSL 1.1 symbols on 11.2
Summary: devel/qca Latest version links against undefined OpenSSL 1.1 symbols on 11.2
Status: In Progress
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: kde
URL:
Keywords:
: 235628 (view as bug list)
Depends on:
Blocks:
 
Reported: 2018-10-29 16:02 UTC by Ivan
Modified: 2019-02-09 22:18 UTC (History)
8 users (show)

See Also:
tcberner: maintainer-feedback+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ivan 2018-10-29 16:02:53 UTC
abishai@sphinx:~ % /usr/local/lib/libexec/kdeconnectd
kdeconnect.core: KdeConnect daemon starting
/usr/local/lib/qca-qt5/crypto/libqca-ossl.so: Undefined symbol "EVP_MD_CTX_new"

Reverting latest compatibility patch fixes the issue.
Comment 1 Tobias C. Berner freebsd_committer 2018-10-29 16:33:58 UTC
Moin moin

Could you try with the port before the Openssl fix?

Mfg Tobias
Comment 2 Ivan 2018-10-29 16:51:01 UTC
As I wrote :P
Reverting https://svnweb.freebsd.org/ports?view=revision&revision=481850 fixed the issue.
Comment 3 Tobias C. Berner freebsd_committer 2018-10-29 17:00:22 UTC
(In reply to Ivan from comment #2)
Woops, my bad, I overlooked that sentence :)
Comment 4 Adriaan de Groot freebsd_committer 2018-10-30 10:45:40 UTC
Looks like this can be confirmed: in 12-CURRENT my evp.h contains a declaration of EVP_MD_CTX_new() and #defines EVP_MD_CTX_create() to new. In 11.2, my evp.h contains a declaration of EVP_MD_CTX_create() and nothing for EVP_MD_CTX_new(). Looks like this needs to be guarded more.
Comment 5 w.schwarzenfeld freebsd_triage 2018-10-30 12:01:35 UTC
Similar problem with libressl:
#define M_ASN1_IA5STRING_new() ASN1_IA5STRING_new()
        ^
/usr/local/include/openssl/asn1.h:636:9: note: previous definition is here
#define M_ASN1_IA5STRING_new()  (ASN1_IA5STRING *)\
        ^
/ram/usr/ports/devel/qca/work-qt4/qca-2.1.3/plugins/qca-ossl/qca-ossl.cpp:2835:4: error: use of undeclared identifier 'RSA_meth_set_sign'; did you mean 'DSA_meth_set_sign'?
                        RSA_meth_set_sign(ops, NULL);
                        ^~~~~~~~~~~~~~~~~
                        DSA_meth_set_sign
/usr/local/include/openssl/dsa.h:275:5: note: 'DSA_meth_set_sign' declared here
int DSA_meth_set_sign(DSA_METHOD *meth,
    ^
/ram/usr/ports/devel/qca/work-qt4/qca-2.1.3/plugins/qca-ossl/qca-ossl.cpp:2835:22: error: cannot initialize a parameter of type 'DSA_METHOD *' (aka 'dsa_method *') with an lvalue of type 'RSA_METHOD *' (aka 'rsa_meth_st *')
                        RSA_meth_set_sign(ops, NULL);
                                          ^~~
/usr/local/include/openssl/dsa.h:275:35: note: passing argument to parameter 'meth' here
int DSA_meth_set_sign(DSA_METHOD *meth,
                                  ^
/ram/usr/ports/devel/qca/work-qt4/qca-2.1.3/plugins/qca-ossl/qca-ossl.cpp:2839:4: error: use of undeclared identifier 'RSA_meth_set_verify'; did you mean 'RSA_meth_set_finish'?
                        RSA_meth_set_verify(ops, NULL); //pkcs11_rsa_verify
                        ^~~~~~~~~~~~~~~~~~~
                        RSA_meth_set_finish
/usr/local/include/openssl/rsa.h:442:5: note: 'RSA_meth_set_finish' declared here
int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa));
    ^
/ram/usr/ports/devel/qca/work-qt4/qca-2.1.3/plugins/qca-ossl/qca-ossl.cpp:2860:11: error: use of undeclared identifier 'RSA_F_RSA_OSSL_PRIVATE_DECRYPT'
                        RSAerr(RSA_F_RSA_OSSL_PRIVATE_DECRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
                               ^
1 warning and 4 errors generated.
ninja: build stopped: subcommand failed.
===> Compilation failed unexpectedly.
Try to set MAKE_JOBS_UNSAFE=yes and rebuild before reporting the failure to
the maintainer.
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/devel/qca
*** Error code 1

Stop.
make: stopped in /usr/ports/devel/qca




if I remove patch-plugins_qca-ossl_qca-ossl.cpp it builds fine.
Comment 6 dave 2018-11-26 22:47:51 UTC
Just confirming the above. Libressl appears to break devel/qca on ports/HEAD. Removing patch-plugins_qca-ossl_qca-ossl.cpp fixes the issue and allows all of KDE to be built. :)
Comment 7 Adriaan de Groot freebsd_committer 2018-11-27 10:27:39 UTC
There are eight combinations to test:
 - 11.2 with DEFAULT_VERSIONS+=ssl=<ver> where <ver> is each one of base, openssl, openssl111, libressl, and libressl-devel.
 - 12.0 (-RC2 right now) with the same (I don't count <ver> openssl and openssl111 because those don't seem to make sense on 12?).

Removing a patch in order to fix one of those eight, which breaks another one (presumably 11.2 + openssl111) is not a good step forward. In any case this PR is going nowhere until net/qt4-network is resolved, which has the same eight variants to test (which means roughly 24 hours of compiling for each change).
Comment 8 VVD 2018-12-20 23:10:49 UTC
(In reply to Ivan from comment #0)
> /usr/local/lib/qca-qt5/crypto/libqca-ossl.so: Undefined symbol "EVP_MD_CTX_new"
Here same with psi.

I removed patch https://svnweb.freebsd.org/ports?view=revision&revision=481850 and rebuild qca-qt5 - psi is working fine now.
Comment 9 commit-hook freebsd_committer 2018-12-31 22:30:56 UTC
A commit references this bug:

Author: adridg
Date: Mon Dec 31 22:30:01 UTC 2018
New revision: 488842
URL: https://svnweb.freebsd.org/changeset/ports/488842

Log:
  Be more defensive in Qt5Network code.

  It's possible, but rather unlikely, to build Qt5Network with
  QT_NO_NETWORKINTERFACE, and still get around to building the
  generic bearer. In that case, comment out the workaround
  that needs an interface.

  PR:		232784
  Obtained from:	Max Steciuk

Changes:
  head/net/qt5-network/Makefile
  head/net/qt5-network/files/patch-src_plugins_bearer_generic_qgenericengine.cpp
Comment 10 Adriaan de Groot freebsd_committer 2018-12-31 22:41:31 UTC
This PR is in dire need of a cleanup: what is the actual issue, which make.conf and other settings are in play, and how can te problem be seen? Throwing libressl into the mix doesn't help unless that's clearly indicated, and neither do unrelated compile errors (it *looks* like this was originally a runtime error).

So, back to the original reporter, Ivan: I have an 11.2-RELEASE VM ready. What do I do to show the problem?
Comment 11 Ivan 2019-01-01 12:05:29 UTC
Hello, Adriaan,
I updated my laptop to 12.0, so I'm not sure if this issue is still relevant, but I think it is.

The problem: 11.2 has OpenSSL < 1.1.1 in the base and it simply hasn't sybmols mentioned in https://svnweb.freebsd.org/ports?view=revision&revision=481850 which it applied.

The test is to link qca against base (it does by default) and try to use qca-depended software. It should abort in start.

For example, build deskutils/kdeconnect-kde and attempt to interactivly start it's daemon /usr/local/lib/libexec/kdeconnectd
Comment 12 w.schwarzenfeld freebsd_triage 2019-02-09 22:18:11 UTC
*** Bug 235628 has been marked as a duplicate of this bug. ***