[oi-dev] OpenSSL update process

Andreas Wacknitz A.Wacknitz at gmx.de
Sun Feb 7 12:21:35 UTC 2021 

Am 06.02.21 um 21:56 schrieb Aurélien Larcher:
>
> OpenSSL 1.1 is now merged:
>
> 1. The mediator is default set to 1.0 but can be safely set to 1.1.
> 2. illumos-gate is patched to accept library/security/openssl-11 as
> dependency so that it builds when the mediator version is 1.1.
> 3. oi-userland has now a switch USE_OPENSSL10=yes or USE_OPENSSL11=yes
> which should be placed before shared-macros.mk
> <http://shared-macros.mk> is included.
> 4. If 'gmake update' is executed in a component depending on OpenSSL
> then the switch is made to OpenSSL 1.1 unless USE_OPENSSL10=yes is set.
>
> Now the fun begins:
>
>     3. Move all the components supporting OpenSSL 1.1 or update them.
>     4. Deprecate possible rotting components which cannot be updated
>     and may cause security issues.
>
>
> and... the more, the merrier!
>
>
> Cheers
>
>
> _______________________________________________
> oi-dev mailing list
> oi-dev at openindiana.org
> https://openindiana.org/mailman/listinfo/oi-dev
Hi,

do we have a problem with missing engine files in the openssl-11 package?

╰─➤  cat /usr/openssl/1.1/lib/pkgconfig/libcrypto.pc
prefix=/usr/openssl/1.1
exec_prefix=${prefix}
libdir=${exec_prefix}/lib/
includedir=${prefix}/include
enginesdir=${libdir}/engines-1.1

Name: OpenSSL-libcrypto
Description: OpenSSL cryptography library
Version: 1.1.1i
Libs: -L${libdir} -lcrypto
Libs.private: -lsocket -lnsl -ldl -pthread
Cflags: -I${includedir}

So, libcrypto.pc states that there shall be /usr/openssl/1.1/lib/engine
files but there aren't any (same for 64-bit):

╭─andreas at skoll /usr/openssl/1.1/lib/pkgconfig
╰─➤  ls -l /usr/openssl/1.1/lib
total 7445
lrwxrwxrwx   1 root     root           1 Feb  6 11:17 32 -> ./
lrwxrwxrwx   1 root     root           5 Feb  6 11:17 64 -> amd64/
lrwxrwxrwx   1 root     root          12 Feb  6 11:17 CA.pl -> ../bin/CA.pl*
drwxr-xr-x   3 root     sys            7 Feb  6 11:17 amd64/
lrwxrwxrwx   1 root     root          16 Feb  6 11:17 libcrypto.so ->
libcrypto.so.1.1*
-r-xr-xr-x   1 root     bin      2947532 Feb  6 11:17 libcrypto.so.1.1*
lrwxrwxrwx   1 root     root          13 Feb  6 11:17 libssl.so ->
libssl.so.1.1*
-r-xr-xr-x   1 root     bin       748144 Feb  6 11:17 libssl.so.1.1*
drwxr-xr-x   2 root     sys            5 Feb  6 11:17 pkgconfig/

"pkg contents openssl-11" doesn't show any engine files in the package.


Maybe unrelated to this: At the moment I try to build remmina with
openssl-1.1 but it fails to link:

[100%] Linking C executable remmina
Undefined            first referenced
  symbol                  in file
ERR_load_crypto_strings CMakeFiles/remmina.dir/remmina_stats_sender.c.o
ERR_free_strings CMakeFiles/remmina.dir/remmina_stats_sender.c.o
ld: fatal: symbol referencing errors. No output written to remmina

Regards,
Andreas

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openindiana.org/pipermail/oi-dev/attachments/20210207/4f305734/attachment.html>

More information about the oi-dev mailing list