Opened 3 years ago
Closed 3 years ago
#63619 closed defect (fixed)
openssl @1.1_0 conflicts with curl-ca-bundle
Reported by: | ryandesign (Ryan Carsten Schmidt) | Owned by: | |
---|---|---|---|
Priority: | High | Milestone: | |
Component: | ports | Version: | 2.7.1 |
Keywords: | Cc: | cjones051073 (Chris Jones), larryv (Lawrence Velázquez), neverpanic (Clemens Lang), mascguy (Christopher Nielsen) | |
Port: | openssl |
Description
openssl @1.1_0 (after [11dde98343c33a7b98193e348cc92bb516b17876/macports-ports]) conflicts with curl-ca-bundle:
DEBUG: Backtrace: Image error: /opt/local/etc/openssl/cert.pem is being used by the active curl-ca-bundle port. Please deactivate this port first, or use 'port -f activate openssl' to force the activation.
The darwin 16 binary is the only one affected because only the macOS Sierra build machine was offline for awhile so only the macOS Sierra build machine built the binary after [11dde98343c33a7b98193e348cc92bb516b17876/macports-ports]; the other machines built it before that change. But users who build from source may encounter the problem on any system.
Change History (10)
comment:1 Changed 3 years ago by ryandesign (Ryan Carsten Schmidt)
comment:2 follow-up: 3 Changed 3 years ago by RobK88
It should be noted that openssl@1.1_0 also breaks Macports version of sudo. So one cannot just type "sudo port -f activate openssl" or "sudo port deactivate curl-ca-bundle port" etc.
One will need to use the version of "sudo" that was installed with MacOS. E.g. /usr/bin/sudo port -f activate openssl
Here is my output on my Mac running Lion.
bash-3.2$ sudo port upgrade outdated ---> Computing dependencies for openssl11 ---> Fetching distfiles for openssl11 ---> Attempting to fetch openssl-1.1.1l.tar.gz from http://distfiles.macports.org/openssl11 ---> Verifying checksums for openssl11 ---> Extracting openssl11 ---> Applying patches to openssl11 ---> Configuring openssl11 ---> Building openssl11 ---> Staging openssl11 into destroot ---> Installing openssl11 @1.1.1l_3 ---> Activating openssl11 @1.1.1l_3 ---> Cleaning openssl11 ---> Computing dependencies for openssl ---> Fetching distfiles for openssl ---> Verifying checksums for openssl ---> Extracting openssl ---> Configuring openssl ---> Building openssl ---> Staging openssl into destroot ---> Installing openssl @1.1_0 ---> Cleaning openssl ---> Computing dependencies for openssl ---> Deactivating openssl @1.1.1l_1 ---> Cleaning openssl ---> Activating openssl @1.1_0 Error: Failed to activate openssl: Image error: /opt/local/etc/openssl/cert.pem is being used by the active curl-ca-bundle port. Please deactivate this port first, or use 'port -f activate openssl' to force the activation. Error: See /opt/local/var/macports/logs/_opt_local_var_macports_sources_rsync.macports.org_release_tarballs_ports_devel_openssl/openssl/main.log for details.
And here is an example where this port breaks Macports version of "sudo"
bash-3.2$ sudo port -f activate openssl dyld: Library not loaded: /opt/local/lib/libcrypto.1.1.dylib Referenced from: /opt/local/bin/sudo Reason: image not found Trace/BPT trap: 5
To overcome this error:
bash-3.2$ /usr/bin/sudo port -f activate openssl
comment:3 Changed 3 years ago by ryandesign (Ryan Carsten Schmidt)
Replying to RobK88:
It should be noted that openssl@1.1_0 also breaks Macports version of sudo.
Hopefully only if you have installed the sudo port with its non-default +openldap variant. With default variants, sudo should not depend on openssl or anything else.
comment:4 Changed 3 years ago by RobK88
The sudo port was installed on my Mac without any variants.
bash $ port installed sudo The following ports are currently installed: sudo @1.9.8p2_0 (active)
And sudo is not listed as a dependent of openssl.
bash$ port dependents openssl NetSurf depends on openssl curl depends on openssl git depends on openssl kerberos5 depends on openssl libevent depends on openssl links depends on openssl ntp depends on openssl p5.28-net-ssleay depends on openssl postgresql13 depends on openssl python27 depends on openssl python37 depends on openssl python38 depends on openssl python39 depends on openssl rsync depends on openssl xar depends on openssl
It is still a mystery to me why the Macport "sudo" port broke after trying to upgrade openssl.
bash-3.2$ sudo port -f activate openssl dyld: Library not loaded: /opt/local/lib/libcrypto.1.1.dylib Referenced from: /opt/local/bin/sudo Reason: image not found Trace/BPT trap: 5
As I mentioned I was able to fix things by forcing the activation of openssl using the "sudo" binary that was installed with macOS Lion.
comment:5 Changed 3 years ago by cjones051073 (Chris Jones)
I hunk I know what’s wrong and will address as soon as I can…
comment:6 Changed 3 years ago by mascguy (Christopher Nielsen)
Cc: | mascguy added |
---|
comment:9 Changed 3 years ago by RobK88
Thanks Chris for the quick fix. No problems now building, installing and activating openssl now on my Mac running lion.
comment:10 Changed 3 years ago by mascguy (Christopher Nielsen)
Resolution: | → fixed |
---|---|
Status: | new → closed |
After fixing this and increasing openssl's revision, you should force builds of any port that failed on the macOS Sierra builder due to this problem.