Bug 277517 - net/socat linked to wrong SSL library
Summary: net/socat linked to wrong SSL library
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Only Me
Assignee: Emanuel Haupt
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-03-05 23:55 UTC by Dave Hayes
Modified: 2024-03-21 20:06 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (ehaupt)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dave Hayes 2024-03-05 23:55:50 UTC 
In my make.conf I have:

DEFAULT_VERSIONS+= ...  ssl=libressl ...

So when I build net/socat vi poudriere I get this:

# tar xf packages/All/socat-1.7.4.4.pkg
tar: Removing leading '/' from member names
# ldd usr/local/bin/socat 
usr/local/bin/socat:
        ...
	libssl.so.111 => /usr/lib/libssl.so.111 (0x3326e035d000)
	libcrypto.so.111 => /lib/libcrypto.so.111 (0x3326e1e45000)

This was quite surprising. I have checked this on ports revisions Q4 2023
and Q1 2024 and it's the same result.
Comment 1 Dave Hayes 2024-03-06 01:44:26 UTC 
I should mention I am on 13.2-STABLE: stable/13-c2c7340fef
Comment 2 Emanuel Haupt freebsd_committer freebsd_triage 2024-03-06 06:49:33 UTC 
Confirmed on 14.0. The CHANGES file has the following note about LibreSSL:

        LibreSSL does not have OPENSSL_INIT_new(). This function is now
        guarded. Socat might build with LibreSSL.
        Thanks to Orbea for reporting and helping.
Comment 3 Emanuel Haupt freebsd_committer freebsd_triage 2024-03-10 11:49:13 UTC 
I found a solution:

Adding

CONFIGURE_ARGS+=        --enable-openssl-base=${LOCALBASE}

solves the issue. It's now linked against LibreSSL:

# ldd $(which socat) | grep -e ssl -e crypto
        libssl.so.55 => /usr/local/lib/libssl.so.55 (0x3dfee7f69000)
        libcrypto.so.52 => /usr/local/lib/libcrypto.so.52 (0x3dfee9e4a000)
Comment 4 commit-hook freebsd_committer freebsd_triage 2024-03-10 11:49:54 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=9a7e609520a27bc4d94c03fc78d8a89bbe9fa856

commit 9a7e609520a27bc4d94c03fc78d8a89bbe9fa856
Author:     Emanuel Haupt <ehaupt@FreeBSD.org>
AuthorDate: 2024-03-10 11:49:24 +0000
Commit:     Emanuel Haupt <ehaupt@FreeBSD.org>
CommitDate: 2024-03-10 11:49:31 +0000

    net/socat: Ensure socat respects non-default SSL libraries

    PR:             277517 (based on)
    Reported by:    dave@jetcafe.org

 net/socat/Makefile | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
Comment 5 Emanuel Haupt freebsd_committer freebsd_triage 2024-03-10 11:50:29 UTC 
Fix committed, thanks for the report!
Comment 6 Dave Hayes 2024-03-10 23:29:41 UTC 
Thanks for the quick fix! :)
Comment 7 Emanuel Haupt freebsd_committer freebsd_triage 2024-03-20 22:01:23 UTC 
Was changing the status from "closed" to "in progress" a mistake, or are there still unresolved issues?
Comment 8 Dave Hayes 2024-03-21 19:13:00 UTC 
I am still getting the issue actually. I am now working on HEAD, and I pull before  I work each time. 

To confirm it's not me, is that ssl= line correct? :)
Comment 9 Dave Hayes 2024-03-21 19:15:00 UTC 
(In reply to Dave Hayes from comment #8)

Ah pardon me, wrong package set. I build way too many different sets. I see the proper libraries in the binary. You can close this.
Comment 10 Emanuel Haupt freebsd_committer freebsd_triage 2024-03-21 20:06:31 UTC 
No worries, issue closed.