Here is the one error: [00:00:08] SSLeay.c:4505:9: error: incompatible integer to pointer conversion assigning to 'SSL_SESSION *' (aka 'struct ssl_session_st *') from 'int' [-Wint-conversion] [00:00:08] RETVAL = SSL_SESSION_dup(sess); This is from a poudriere build off of the ports r2023Q2 branch as of commit 53f4ee66b and with 13.2-STABLE at c27befba6. Note that this package (p5-Net-SSLeay 1.92) built successfully (using the same tools) with 13.2-STABLE at 8c09bde96 and with 12.4 stable at 83dd52764.
This works to fix the issue. --- a/security/p5-Net-SSLeay/Makefile +++ b/security/p5-Net-SSLeay/Makefile @@ -1,9 +1,13 @@ PORTNAME= Net-SSLeay -PORTVERSION= 1.92 +PORTVERSION= 1.93 CATEGORIES= security perl5 -MASTER_SITES= CPAN PKGNAMEPREFIX= p5- +USE_GITHUB= yes +GH_ACCOUNT= radiator-software +GH_PROJECT= p5-net-ssleay +GH_TAGNAME= 1.93_02 + MAINTAINER= perl@FreeBSD.org COMMENT= Perl5 interface to SSL WWW= https://metacpan.org/release/Net-SSLeay You also have to remove files/patch-SSLeay.xs. Both actions allow this port to build.
I'm confused... 1.93 is not a stable release, if I understand correctly (no cpan release for it, but the GH page points explicitly to CPAN with "Information about the latest stable release is available on MetaCPAN", which lists 1.92)? Thoughts?
I believe there were fixes for LibreSSL committed to the p5-Net-SSLeay repo that were not in 1.92. I looked at the tags in that repo and used the _02 developer release. To be clear, at no time now or before am I claiming that this is "stable". It builds and passes my tests, and it's a tagged release rather than "master". :)
Created attachment 246186 [details] update to 1.93 All good, sorry if it sounded like criticism, I was just confused. FWIW, attached a patch that works for me, just removing SSLeay.xs didn't work for me, not 100% sure if I covered everything in the patch, but it seems to work for me.
sorry, forgot to mention: I'm using libressl, which is probably why I needed that SSLeay.xs patch.
Your response sounded more like a query than criticism to me. No worries, I have pretty thick skin. It's odd that you needed that patch and I did not, as I use libressl too. What OS version did you build for?
Build was for 13.2/amd64 Without this patch I get X509_POLICY_TREE is undefined and related errors. The patch is based on cherry picking that one #if out of an openbsd patch: https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/security/p5-Net-SSLeay/patches/patch-SSLeay_xs?rev=1.12&content-type=text/plain
It's somewhat concerning that I've just built p5-Net-SSLeay again with Q4's ports tree (for OS 13.2) and I don't see your X509_POLICY_TREE error. Can you share what OS revision and ports tree version you are suing?
Hi, I agree that it's odd... so here you go: $ uname -v FreeBSD 13.2-RELEASE-p3 GENERIC It's a poudriere build, and the last time I built it the tree was from nov 3, 2023. Just in case, the related PR259213 has a patch from 2 days ago, which explicitly references the same OpenBSD patch I referred to, above. Not sure if that helps. Let me know if you need more info
Is this about LibreSSL only? If so, could you please test again after https://cgit.freebsd.org/ports/commit/?id=ac15863de9de4d8be19412b1332593390f453272 This just imports a patch from OpenBSD for LibreSSL 3.8.x and with it, the port builds fine for me.
Will test - just to make sure, your commit is about version 1.92, not 1.93 (given the above discussion focuses on 1.93)? And yes, this was probably only about libressl, from the beginning, if I understand correctly.
(In reply to Tassilo Philipp from comment #11) Yes. 1.92 is still the latest *stable* release, so I think it's better to stick to that instead of porting a (moving target) *developer* release.
In my original report, there was only one error and it was about LibreSSL. Thank you for the commit, once I unravel things over here I will test this on the Q42023 branch. BTW I imported a -tagged- developer release. If I understand this correctly, a git tag doesn't move. Also, if you look at the repo, this was tagged 10 months ago and hasn't moved.
(In reply to Dave Hayes from comment #13) > BTW I imported a -tagged- developer release. If I understand this correctly, a > git tag doesn't move. Also, if you look at the repo, this was tagged 10 months > ago and hasn't moved. It's technically possible to move a tag, but it *should* not move, so this wasn't the point. I called it "moving" because this project seems to publish multiple "revisions" of the same developer release. To do it correctly, you'd have to include this revision number as well in DISTVERSION. But my main concern was indeed just the fact that this is labelled a *developer* release. It's certainly ok to use that for a port, but there should be a reason to prefer it over the latest *stable* release. I'd rather avoid such decisions on ports I don't maintain myself, unless I can present a strong reason...
I can confirm it builds fine with poudriere on FreeBSD/amd64 13.2-RELEASE and libressl. Thanks!
(In reply to Tassilo Philipp from comment #15) Thanks for testing, then I assume it's safe to close this one for now. "Overcome by Events" because the build errors were different ones meanwhile.
I just tried to build this as committed (but cherry picked into Q4 which is libressl 3.7.3) and it is not working: [00:00:05] SSLeay.c:4505:9: error: incompatible integer to pointer conversion assigning to 'SSL_SESSION *' (aka 'struct ssl_session_st *') from 'int' [-Wint-conversion] [00:00:05] RETVAL = SSL_SESSION_dup(sess); There's a lot of other warnings too.
(In reply to Dave Hayes from comment #17) I wasn't even aware it was also broken in the Q4 branch. Of course, just cherry-picking there makes little sense given it's a different libressl version. But then, we'd need a different patch for quarterly -- just upgrading to a *development* version is certainly not a thing to do on quarterly. So, if you want the PR reopened to track the issue on quarterly, that's fine. Not sure there are much chances we'll see a patch in the remaining 20 days until the next quarterly though ...
If ana...er extremely meticulous hubreticism is important, opening an issue on Q4 is indicated. Otherwise, since Q4 uses LibreSSL 3.7.3, I am fine with my hack at the moment. Hopefully this becomes a non-issue by Q1 2024.
I can't seem to get p5-Net-SSLeay 1.92 to build on FreeBSD 14.0-RELEASE-p4, LibreSSL 3.8.2, and latest ports tree. I'm seeing this error: SSLeay.c:4505:11: warning: call to undeclared function 'SSL_SESSION_dup'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] RETVAL = SSL_SESSION_dup(sess); ^ SSLeay.c:4505:9: error: incompatible integer to pointer conversion assigning to 'SSL_SESSION *' (aka 'struct ssl_session_st *') from 'int' [-Wint-conversion] RETVAL = SSL_SESSION_dup(sess); ^ ~~~~~~~~~~~~~~~~~~~~~ SSLeay.c:4507:2: warning: '(' and '{' tokens introducing statement expression appear in different macro expansion contexts [-Wcompound-token-split-by-macro] PUSHi(PTR2IV(RETVAL)); ^~~~~~~~~~~~~~~~~~~~~
Created attachment 247421 [details] Patch for p5-Net-SSLeay 1.93_02 + FreeBSD 14 + LibreSSL 3.8.2
I was able to get things working by manually patching SSLeay.xs. I kept the update to 1.93_02, but I see they have tagged 1.93_03 already today.