Bug 262114 - security/nettle boringssl installation problem when installing www/envoy/
Summary: security/nettle boringssl installation problem when installing www/envoy/
Status: Closed Overcome By Events
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Po-Chuan Hsieh
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-02-22 02:09 UTC by Ulas SAYGIN
Modified: 2022-05-14 16:16 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (sunpoet)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ulas SAYGIN 2022-02-22 02:09:40 UTC 
In order to install envoy proxy
I need to install nettle,but it gives error because of openssl compability issue.
envoy needs boringssl and nettle are not designed to work with boringssl as base ssl.


-o hogweed-benchmark
ld: error: undefined symbol: RSA_blinding_off
>>> referenced by hogweed-benchmark.c:730
>>>               hogweed-benchmark.o:(bench_openssl_rsa_init)
cc: error: linker command failed with exit code 1 (use -v to see invocation)
ld: error: undefined symbol: EVP_bf_ecb
>>> referenced by nettle-openssl.c:305
>>>               nettle-openssl.o:(openssl_bf128_set_encrypt_key)
>>> referenced by nettle-openssl.c:311
>>>               nettle-openssl.o:(openssl_bf128_set_decrypt_key)

ld: error: undefined symbol: EVP_cast5_ecb
>>> referenced by nettle-openssl.c:349
>>>               nettle-openssl.o:(openssl_cast128_set_encrypt_key)
>>> referenced by nettle-openssl.c:355
>>>               nettle-openssl.o:(openssl_cast128_set_decrypt_key)
gmake[3]: *** [Makefile:109: hogweed-benchmark] Error 1
gmake[3]: *** Waiting for unfinished jobs....
cc: error: linker command failed with exit code 1 (use -v to see invocation)
gmake[3]: *** [Makefile:100: nettle-benchmark] Error 1
gmake[3]: Leaving directory '/skeleton/portsbuild/skeleton/usr/ports/security/nettle/work/nettle-3.7.3/examples'
gmake[2]: *** [Makefile:49: all] Error 2
gmake[2]: Leaving directory '/skeleton/portsbuild/skeleton/usr/ports/security/nettle/work/nettle-3.7.3'
===> Compilation failed unexpectedly.
Try to set MAKE_JOBS_UNSAFE=yes and rebuild before reporting the failure to
the maintainer.
*** Error code 1

Stop.
make[1]: stopped in /skeleton/usr/ports/security/nettle
*** Error code 1

Stop.
make: stopped in /skeleton/usr/ports/security/nettle
Comment 1 Po-Chuan Hsieh freebsd_committer freebsd_triage 2022-02-28 18:24:15 UTC 
boringssl is not a drop-in replacement of openssl. I have no idea how to add boringssl support.

Add boringssl maintainer to CC List. Hope he could shed some light on this issue.
Comment 2 Ulas SAYGIN 2022-03-01 07:02:56 UTC 
some little light for future , may be.

https://github.com/envoyproxy/envoy-openssl/issues/1#issuecomment-1054128983
Comment 3 Po-Chuan Hsieh freebsd_committer freebsd_triage 2022-05-14 16:16:59 UTC 
(In reply to Po-Chuan Hsieh from comment #1)
(In reply to Ulas SAYGIN from comment #2)

I'd like to close this PR since I have no idea how to add boringssl support to nettle.

envoy does not depend on nettle directly. Maybe you could change your ports settings to skip nettle.

I think the best way is to ask danfe@ (maintainer of www/envoy) how to build the package. He might be able to provide a solution.