Bug 232814 - ftp/wget does not work with OpenSSL 1.1.1
Summary: ftp/wget does not work with OpenSSL 1.1.1
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Vasil Dimov
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-10-30 14:53 UTC by Dennis Clarke
Modified: 2019-08-16 12:18 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (vd)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dennis Clarke 2018-10-30 14:53:04 UTC
This may not be a bug but merely a release schedule "feature" however the
OpenSSL 1.1.1 release was in the works all year.  Little tools like wget
as a binary package fail and one must rebuild from /usr/ports/ftp/wget with
an update in /etc/make.conf because : 

root@hydra:~ # pkg install wget
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 3 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        wget: 1.19.5
        libidn2: 2.0.5
        libunistring: 0.9.10

Number of packages to be installed: 3

The process will require 6 MiB more space.
1 MiB to be downloaded.

Proceed with this action? [y/N]: y
[1/3] Fetching wget-1.19.5.txz: 100%  625 KiB 640.1kB/s    00:01    
[2/3] Fetching libidn2-2.0.5.txz: 100%  104 KiB 106.5kB/s    00:01    
[3/3] Fetching libunistring-0.9.10.txz: 100%  524 KiB 536.4kB/s    00:01    
Checking integrity... done (0 conflicting)
[1/3] Installing libunistring-0.9.10...
[1/3] Extracting libunistring-0.9.10: 100%
[2/3] Installing libidn2-2.0.5...
[2/3] Extracting libidn2-2.0.5: 100%
[3/3] Installing wget-1.19.5...
[3/3] Extracting wget-1.19.5: 100%
root@hydra:~ # logout
$ ^Dhydra $
hydra $
hydra $ wget https://www.mpfr.org/mpfr-current/allpatches
ld-elf.so.1: Shared object "libssl.so.9" not found, required by "wget"
hydra $ 

So that won't work.

Let's check /etc/make.conf : 

hydra $ cat /etc/make.conf 
DEFAULT_VERSIONS+=ssl=openssl111

So the build of OpenSSL 1.1.1 results in oddly named shared objects with
non-standard SONAME data in the ELF headers and ultimately one must
build wget from top to bottom with all its dependencies because of the
strange names in OpenSSL shared libs. 

May not be something that can be fixed at all in 12.0 release. Hope it
doesn't lay down a long standing SONAME issue that will be stuck for 
years.
Comment 1 Vasil Dimov freebsd_committer 2018-11-02 08:30:31 UTC
Hi,

I think this is not a problem solely with wget but has something to do with OpenSSL 1.1.1 and/or FreeBSD 12.x. On my 12 box I got lots of similar errors and fixed them by:
* Don't have DEFAULT_VERSIONS+=ssl= in /etc/make.conf. Since the OpenSSL which comes with the base system is 1.1.1, there is no need to have DEFAULT_VERSIONS+=ssl=openssl111. I guess my setting is the same as DEFAULT_VERSIONS+=ssl=base.
* Recompile anything that spits 'Shared object "...ssl/crypto..." not found'

Now I do not have OpenSSL installed from ports at all and things work.

I guess you can also try DEFAULT_VERSIONS+=ssl=openssl in order to install OpenSSL 1.0.2 from ports and link against it.

Btw, I think the contents of /etc/make.conf DEFAULT_VERSIONS+=ssl=... is irrelevant if you are using binary packages installed with pkg.
Comment 2 Dennis Clarke 2018-11-02 13:00:50 UTC
I tend to use ports quite a bit simply because "ports work".
As for the whole OpenSSL version issue .. well I don't quite know 
how to addres that.  I think the release of OpenSSL 1.1.1 just
happened to land in the middle of the 12.o release process and
so there will be problems. Hopefully not long term problems.
Comment 3 Walter Schwarzenfeld freebsd_triage 2019-08-16 12:18:21 UTC
Sorry, was a mistake.