Opened 3 years ago

Closed 3 years ago

#64747 closed update (fixed)

libressl-devel update to 3.5.0

Reported by: artkiver (グレェ) Owned by: artkiver (グレェ)
Priority: Normal Milestone:
Component: ports Version:
Keywords: Cc:
Port: libressl-devel

Description

LibreSSL has updated their development branch to 3.5.0 as of February 24th, 2022.

Release notes here:

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt

It seems as this is under active development (OpenBSD 7.1 is tagged as beta currently and based upon reading elsewhere, it seems as if LibreSSL may iterate a bit before the 7.1 release is finalized).

This is a preliminary attempt at an update.

My Trac ticket https://trac.macports.org/ticket/63615 had provided diffs for libressl-devel updates as well, though the initial PR on GitHub seemed overcomplicated by attempting to update two ports simultaneously. Not to mention, updating the main LibreSSL port as well as LibreSSL-devel to the same version maybe wasn't entirely in the spirit of the -devel branch?

The port itself seems to build cleanly. However, at least one issue with libevent seems to arise when using this version of LibreSSL as a dependency, so further effort may be required on other ports which utilize this development branch of LibreSSL. Others are welcome to look it over, I've only glanced at libevent's error log briefly thus far.

Attachments (1)

Portfile-libressl-devel-3.5.0.diff (886 bytes) - added by artkiver (グレェ) 3 years ago.
diff of libressl-devel Portfile bumping the version from 2.9.2 to 3.5.0

Download all attachments as: .zip

Change History (7)

Changed 3 years ago by artkiver (グレェ)

diff of libressl-devel Portfile bumping the version from 2.9.2 to 3.5.0

comment:1 Changed 3 years ago by artkiver (グレェ)

I've added a diff, and will submit a PR on GitHub as well. Hopefully it will go more smoothly than my PR attempts with 63615.

Thanks!

comment:2 Changed 3 years ago by artkiver (グレェ)

For the sake of thoroughness, here is a link to the PR on GitHub:

https://github.com/macports/macports-ports/pull/14158

comment:3 Changed 3 years ago by artkiver (グレェ)

Got some feedback on that PR and closed it.

New PR with recommended changes is: https://github.com/macports/macports-ports/pull/14166

comment:4 Changed 3 years ago by artkiver (グレェ)

As a couple of caveats when working with this so far:

libevent seems to fail to build, despite this, I can still get tmux (which has libevent as a dependency) installed and running.

Excerpt from my: /opt/local/var/macports/logs/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_devel_libevent/libevent/main.log

info:build Command failed:  cd "/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_devel_libevent/libevent/work/libevent-2.1.12-stable" && /usr/bin/make -j8 -w all 
:info:build Exit code: 2
:error:build Failed to build libevent: command execution failed
:debug:build Error code: CHILDSTATUS 10889 2
:debug:build Backtrace: command execution failed
:debug:build     while executing
:debug:build "system {*}$notty {*}$callback {*}$nice $fullcmdstring"
:debug:build     invoked from within
:debug:build "command_exec -callback portprogress::target_progress_callback build"
:debug:build     (procedure "portbuild::build_main" line 8)
:debug:build     invoked from within
:debug:build "$procedure $targetname"

Additionally, while I was able to install OpenSSH 8.9p1 using this version of LibreSSL, the install was tripping up with the default variant using kerberos5. Thus, when using this version of LibreSSL, it seems as if OpenSSH should either be installed without the kerberos5 (which doesn't impact my use case) or additional debugging appears to be required with the kerberos5 variant enabled by default.

Excerpt from my: /opt/local/var/macports/logs/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_kerberos5/kerberos5/main.log

:info:build make[4]: Leaving directory `/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_kerberos5/kerberos5/work/krb5-1.19.2/src/lib/crypto/openssl/enc_provider'
:info:build making all in lib/crypto/openssl/hash_provider...
:info:build make[4]: Entering directory `/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_kerberos5/kerberos5/work/krb5-1.19.2/src/lib/crypto/openssl/hash_provider'
:info:build /usr/bin/clang  -DSHARED -DHAVE_CONFIG_H  -I../../../../include -I../../../../include -I./../../krb -I./.. -DKRB5_DEPRECATED=1 -DKRB5_PRIVATE -I/opt/local/include -isysroot/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX12.1.sdk -pipe -Os -isysroot/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX12.1.sdk -arch arm64 -fno-common -Werror=unknown-warning-option -Wall -Wcast-align -Wshadow -Wmissing-prototypes -Wno-format-zero-length -Woverflow -Wstrict-overflow -Wmissing-format-attribute -Wmissing-prototypes -Wreturn-type -Wmissing-braces -Wparentheses -Wswitch -Wunused-function -Wunused-label -Wunused-variable -Wunused-value -Wunknown-pragmas -Wsign-compare -Wnewline-eof -Wdeclaration-after-statement -pthread  -c hash_evp.c -o hash_evp.so.o && mv -f hash_evp.so.o hash_evp.so
:info:build : updated OBJS.SH
:info:build make[4]: Leaving directory `/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_kerberos5/kerberos5/work/krb5-1.19.2/src/lib/crypto/openssl/hash_provider'
:info:build make[3]: Leaving directory `/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_kerberos5/kerberos5/work/krb5-1.19.2/src/lib/crypto/openssl'
:info:build make[2]: *** [all-recurse] Error 1
:info:build make[2]: Leaving directory `/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_kerberos5/kerberos5/work/krb5-1.19.2/src/lib/crypto'
:info:build make[1]: *** [all-recurse] Error 1
:info:build make[1]: Leaving directory `/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_kerberos5/kerberos5/work/krb5-1.19.2/src/lib'
:info:build make: *** [all-recurse] Error 1
:info:build make: Leaving directory `/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_kerberos5/kerberos5/work/krb5-1.19.2/src'
:info:build Command failed:  cd "/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_kerberos5/kerberos5/work/krb5-1.19.2/src" && /usr/bin/make -j8 -w all 
:info:build Exit code: 2
:error:build Failed to build kerberos5: command execution failed
:debug:build Error code: CHILDSTATUS 18240 2
:debug:build Backtrace: command execution failed
:debug:build     while executing
:debug:build "system {*}$notty {*}$callback {*}$nice $fullcmdstring"
:debug:build     invoked from within
:debug:build "command_exec -callback portprogress::target_progress_callback build"
:debug:build     (procedure "portbuild::build_main" line 8)
:debug:build     invoked from within
:debug:build "$procedure $targetname"

Since neither libevent nor kerberos5 default to libressl-devel as a dependency, it seems as if these errors are not critical.

Nonetheless, for additional development work, especially given the nature that LibreSSL 3.5.0 is considered a development branch, it seemed worth mentioning some other potential pitfalls on related ports as well as potential shorter term workarounds.

As mentioned, I do have OpenSSH 8.9p1 installed with LibreSSL 3.5.0 (omitting the kerberos5 port variant) and tmux seems to be functioning OK despite libevent having issues that do not seem to be easily resolved with a port rev-upgrade.

Thanks!

Last edited 3 years ago by artkiver (グレェ) (previous) (diff)

comment:5 Changed 3 years ago by artkiver (グレェ)

Some additional, potentially useful debugging information as related to the above:

sudo port -v upgrade outdated
Password:
Nothing to upgrade.
--->  Scanning binaries for linking errors
Could not open /opt/local/libexec/openssl3/lib/libcrypto.3.dylib: Error opening or reading file (referenced from /opt/local/lib/libevent_openssl-2.1.7.dylib)
Could not open /opt/local/libexec/openssl3/lib/libssl.3.dylib: Error opening or reading file (referenced from /opt/local/lib/libevent_openssl-2.1.7.dylib)
--->  Found 44 broken files, matching files to ports
--->  Found 2 broken ports, determining rebuild order
You can always run 'port rev-upgrade' again to fix errors.
The following ports will be rebuilt:
 libevent @2.1.12
 kerberos5 @1.19.2
Continue? [Y/n]: 

This is with:

% openssl version
LibreSSL 3.5.0

However, clearly this version of LibreSSL seems to function OK with some other MacPorts OK, e.g.

% ssh -V
OpenSSH_8.9p1, LibreSSL 3.5.0

comment:6 Changed 3 years ago by artkiver (グレェ)

Owner: set to artkiver
Resolution: fixed
Status: newclosed

In cb6754e839b6e644a3bbe28f0c5b19c7a7adfba1/macports-ports (master):

libressl-devel: update to 3.5.0

Closes: #64747

Note: See TracTickets for help on using tickets.