openssl 1.0.2g_0 fails to build on Mac OS X 10.6.8

[floehlj@…]

The following lines taken from the main.log seem to be the problem:

:info:build sha1-x86_64.s:1243:missing or invalid immediate expression `0b00011011' taken as 0
:info:build sha1-x86_64.s:1243:suffix or operands invalid for `pshufd'
:info:build sha1-x86_64.s:1245:missing or invalid immediate expression `0b00011011' taken as 0
:info:build sha1-x86_64.s:1245:suffix or operands invalid for `pshufd'
:info:build sha1-x86_64.s:1395:missing or invalid immediate expression `0b00011011' taken as 0
:info:build sha1-x86_64.s:1395:suffix or operands invalid for `pshufd'
:info:build sha1-x86_64.s:1396:missing or invalid immediate expression `0b00011011' taken as 0
:info:build sha1-x86_64.s:1396:suffix or operands invalid for `pshufd'
:info:build make[2]: *** [sha1-x86_64.o] Error 1

main.log attached

[gnw3]

A workaround is to build with clang36:

sudo port -s upgrade openssl configure.compiler=macports-clang-3.6

[floehlj@…]

Replying to gnwiii@…:

A workaround is to build with clang36:

sudo port -s upgrade openssl configure.compiler=macports-clang-3.6

Thank you for your reply, but it seems, that this doesn't work for me:

$ port -s upgrade openssl configure.compiler=macports-clang-3.6
Error: port lookup failed: too many nested evaluations (infinite loop?)
To report a bug, follow the instructions in the guide:
    http://guide.macports.org/#project.tickets

[mf2k (Frank Schima)]

In the future, please fill in the Port field and Cc the port maintainers (port info --maintainers openssl), if any.

[floehlj@…]

Replying to mf2k@…:

In the future, please fill in the Port field and Cc the port maintainers (port info --maintainers openssl), if any.

Sorry for mistake - will do.

[devernay (Frédéric Devernay)]

Cc Me!

[Gravarty@…]

Replying to gnwiii@…:

A workaround is to build with clang36:

sudo port -s upgrade openssl configure.compiler=macports-clang-3.6

well that's not possible because i need to install openssl first to actually install clang-3.6 ..

(i know it's for the upgrade .. but there's no way to install it on a fresh install right now ..)

[SlaunchaMan (Jeff Kelley)]

I tried the workaround and got this error:

bash-3.2$ sudo sudo port -s upgrade openssl configure.compiler=macports-clang-3.6
Error: port lookup failed: too many nested evaluations (infinite loop?)

[SlaunchaMan (Jeff Kelley)]

Replying to SlaunchaMan@…:

I tried the workaround and got this error:

bash-3.2$ sudo sudo port -s upgrade openssl configure.compiler=macports-clang-3.6
Error: port lookup failed: too many nested evaluations (infinite loop?)

To clarify: I’m on OS X 10.6.8, not the server version.

[SlaunchaMan (Jeff Kelley)]

Cc Me!

[udbraumann]

Cc Me!

[petrrr]

Cc Me!

[petrrr]

This looks like being quite critical. Most of he builds on the SL buildbot seem to be broken due to openssl.

[udbraumann]

FWIW, on 10.5.8 PPC 32bit there was no problem to upgrade to openssl @1.0.2g_0+universal.

[sixcolors@…]

Same issue for me too...

[gaport@…]

Replying to SlaunchaMan@…:

I tried the workaround and got this error:

bash-3.2$ sudo sudo port -s upgrade openssl configure.compiler=macports-clang-3.6
Error: port lookup failed: too many nested evaluations (infinite loop?)

I'm happy, since I found a previously installed clang; you may try:

sudo port installed | grep clang

I've found a clang-3.4, thus I did a (better clean before):

sudo port -s clean openssl
sudo port -s upgrade openssl configure.compiler=macports-clang-3.4

maybe this works for other clangs as well…. goog luck!

[gaport@…]

Cc Me!

[ben.pts@…]

Still fails the same way, 10.6.8, user version, not server

[jmroot (Joshua Root)]

The problem is just that the old as doesn't recognise binary literals. The attached patch got it to build and pass the test suite for me on 10.6/x86_64.

If upstream is still interested in being portable to older platforms, they'll need to fix this.

[floehlj@…]

Replying to jmr@…:

The problem is just that the old as doesn't recognise binary literals. The attached patch got it to build and pass the test suite for me on 10.6/x86_64.

If upstream is still interested in being portable to older platforms, they'll need to fix this.

Thank you for your help. I tried your patch file and for me it works fine. The openssl 1.0.2g build completed without errors after applying your patch file. It was not neccessary for me to use a patch file before, so I was not too experienced with that process. Perhaps I made a mistake in regard to the source paths, because I manually had to drag and drop every single .pl file to the Terminal window which needed to be patched, but in the end it worked. Thank you again.

[drosehn (Garance A Drosehn)]

Replying to gaport@…:

I've found a clang-3.4, thus I did a (better clean before):

sudo port -s clean openssl
sudo port -s upgrade openssl configure.compiler=macports-clang-3.4

maybe this works for other clangs as well…. good luck!

My system did not have clang-3.4 installed. And attempting to install it ran into trouble, because various dependencies meant that openssl needed to be recompiled before compiling clang-3.4. However, there was a way around that problem.

I did:

sudo port selfupdate          # of course
sudo port installed outdated
sudo port rdeps clang-3.4

and then looked over the dependencies for clang which would cared about openssl. Those dependencies included two ports which (in my case) needed to be upgraded: scons and python27

So I:

sudo port update  -n python27
sudo port install -n clang-3.4
sudo port -s clean openssl     #  this is important!!
sudo port -s upgrade openssl configure.compiler=macports-clang-3.4

(hmm, I thought I had also done 'sudo port update -n scons', but looking over my bash history I had not done that).

This time openssl built without any errors. I then did 'sudo port upgrade cyrus-sasl2', 'sudo port upgrade ruby20', and 'sudo port upgrade net-snmp' (all of which require openssl), and all of those built fine.

Should I do something so this new (to me) clang-3.4 is preferred over clang-3.3 ?

[drosehn (Garance A Drosehn)]

Cc Me!

[neverpanic (Clemens Lang)]

I've pushed the patch upstream as a github pull request at ​https://github.com/openssl/openssl/pull/792. I have also sent an email to OpenSSL's bug tracking system to get a ticket reference, but haven't received confirmation or a ticket number yet.

[neverpanic (Clemens Lang)]

This seems to be describing the issue: ​https://mta.openssl.org/pipermail/openssl-dev/2016-March/005605.html

[ivl1705]

Cc Me!

[chillin-]

Cc Me!

[mojca (Mojca Miklavec)]

Cc Me!

[mojca (Mojca Miklavec)]

Duplicate: #50823

[mojca (Mojca Miklavec)]

Would it be possible to commit a patch (even if just for 10.6; if you think it works of course) even if upstream hasn't confirmed it yet, to avoid numerous build failures on the buildbot?

[robtron88@…]

Cc Me!

[neverpanic (Clemens Lang)]

I don't want to patch around this without getting upstream involved. I don't consider brokenness on 10.6 (an ancient platform) severe enough to second-guess upstream on this issue.

Additionally, it seems while the patch by jmr@ works, it's not really the right thing to do here, so I'd like to get this implemented correctly first.

[neverpanic (Clemens Lang)]

Please try the two patches

• 0001-Revert-perlasm-x86_64-xlate.pl-pass-pure-constants-v.patch
• 0002-RT3885-OpenSSL-fails-to-cross-compile-on-32-bit-64-b.patch

instead and report back whether this fixes the issue. According to ​https://mta.openssl.org/pipermail/openssl-dev/2016-March/005623.html, it will, but I'd like to make sure and I don't have the resources to build on 10.6.

[ryandesign (Ryan Carsten Schmidt)]

Thanks, works for me. Log of build and test attached.

[ryandesign (Ryan Carsten Schmidt)]

log of successful build and test with clemens' patchfiles

[ryandesign (Ryan Carsten Schmidt)]

Note that the port currently uses p0 patches but your patches are p1 and need to be changed to p0.

[neverpanic (Clemens Lang)]

For reference: ​https://github.com/Homebrew/homebrew/issues/49814

[neverpanic (Clemens Lang)]

Fixed in r146395. I did not bump the revision, because openssl did either build correctly, or not at all.

[chillin-]

a little confused that this is closed... My 10.6 build is still failing. Will the patches be automatically applied on 10.6 systems, or must they be applied manually?

[ryandesign (Ryan Carsten Schmidt)]

You run sudo port selfupdate to receive the changes.

[chillin-]

Replying to ryandesign@…:

You run sudo port selfupdate to receive the changes.

I believe there may be a mysterious and possibly unexplainable latency of countless dozens of seconds between the instant a fix is resolved and when that resolution will be available through selfupdate on my hardware. Until there's a resolution for this, I found a workaround:

sleep 60

[ryandesign (Ryan Carsten Schmidt)]

Yes, there can be a delay, which is not mysterious. If your MacPorts is configured to get its ports tree from the subversion repository, you'll get the fix immediately. If you're configured to use the main rsync server (that's the default), you may be delayed by up to 30 minutes because the Subversion repository is only copied to the rsync server every 30 minutes. If you use one of the mirror rsync servers, you may be delayed by up to 24 hours, depending on how often that mirror syncs with the main rsync server.