info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Segfault in OpenSSL even though GnuTLS demanded
15 views
Skip to first unread message
Bertram Scharpf
Jul 28, 2016, 2:28:05 PM7/28/16
to
Hi,
first of all, I am compiling ports myself. No packages.
I try to install a console XMPP client. To my
disappointment, both irssi-xmpp and mcabber, too, crash with
the same segfault. Here's an output from gdb.
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 29403080 (LWP 101275/mcabber)]
0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
Both ports do no SSL themselves but depend on loudmouth.
However, I have disabled OpenSSL there.
# grep SSL\\\|TLS /var/db/ports/net-im_loudmouth/options
_FILE_COMPLETE_OPTIONS_LIST=DOCS GNUTLS OPENSSL
OPTIONS_FILE_SET+=GNUTLS
OPTIONS_FILE_UNSET+=OPENSSL
I have checked the ./configure calls parameters and there is a
--with-ssl=gnutls indeed.
I tried to config loudmouth with OpenSSL instead of GnuTLS,
but I encounter the same segfault.
What is going on here? What can I do further?
Thanks in advance.
Bertram
--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-scharpf.de
_______________________________________________
freebsd...@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hacke...@freebsd.org"
first of all, I am compiling ports myself. No packages.
I try to install a console XMPP client. To my
disappointment, both irssi-xmpp and mcabber, too, crash with
the same segfault. Here's an output from gdb.
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 29403080 (LWP 101275/mcabber)]
0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
Both ports do no SSL themselves but depend on loudmouth.
However, I have disabled OpenSSL there.
# grep SSL\\\|TLS /var/db/ports/net-im_loudmouth/options
_FILE_COMPLETE_OPTIONS_LIST=DOCS GNUTLS OPENSSL
OPTIONS_FILE_SET+=GNUTLS
OPTIONS_FILE_UNSET+=OPENSSL
I have checked the ./configure calls parameters and there is a
--with-ssl=gnutls indeed.
I tried to config loudmouth with OpenSSL instead of GnuTLS,
but I encounter the same segfault.
What is going on here? What can I do further?
Thanks in advance.
Bertram
--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-scharpf.de
_______________________________________________
freebsd...@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hacke...@freebsd.org"
Jung-uk Kim
Jul 28, 2016, 3:37:26 PM7/28/16
to
On 07/28/16 02:02 PM, Bertram Scharpf wrote:
> Hi,
>
> first of all, I am compiling ports myself. No packages.
>
> I try to install a console XMPP client. To my
> disappointment, both irssi-xmpp and mcabber, too, crash with
> the same segfault. Here's an output from gdb.
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 29403080 (LWP 101275/mcabber)]
> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
>
> Both ports do no SSL themselves but depend on loudmouth.
> However, I have disabled OpenSSL there.
>
> # grep SSL\\\|TLS /var/db/ports/net-im_loudmouth/options
> _FILE_COMPLETE_OPTIONS_LIST=DOCS GNUTLS OPENSSL
> OPTIONS_FILE_SET+=GNUTLS
> OPTIONS_FILE_UNSET+=OPENSSL
>
> I have checked the ./configure calls parameters and there is a
> --with-ssl=gnutls indeed.
>
> I tried to config loudmouth with OpenSSL instead of GnuTLS,
> but I encounter the same segfault.
>
> What is going on here? What can I do further?
Try "ldd /usr/local/lib/libloudmouth-1.so.0.1.0". It looks like a
> Hi,
>
> first of all, I am compiling ports myself. No packages.
>
> I try to install a console XMPP client. To my
> disappointment, both irssi-xmpp and mcabber, too, crash with
> the same segfault. Here's an output from gdb.
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 29403080 (LWP 101275/mcabber)]
> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
>
> Both ports do no SSL themselves but depend on loudmouth.
> However, I have disabled OpenSSL there.
>
> # grep SSL\\\|TLS /var/db/ports/net-im_loudmouth/options
> _FILE_COMPLETE_OPTIONS_LIST=DOCS GNUTLS OPENSSL
> OPTIONS_FILE_SET+=GNUTLS
> OPTIONS_FILE_UNSET+=OPENSSL
>
> I have checked the ./configure calls parameters and there is a
> --with-ssl=gnutls indeed.
>
> I tried to config loudmouth with OpenSSL instead of GnuTLS,
> but I encounter the same segfault.
>
> What is going on here? What can I do further?
Kerberos issue.
Jung-uk Kim
Bertram Scharpf
Jul 28, 2016, 4:55:51 PM7/28/16
to
On Thursday, 28. Jul 2016, 15:37:00 -0400, Jung-uk Kim wrote:
> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
> >
> > Program received signal SIGSEGV, Segmentation fault.
> > [Switching to Thread 29403080 (LWP 101275/mcabber)]
> > 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
>
> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
> >
> > Program received signal SIGSEGV, Segmentation fault.
> > [Switching to Thread 29403080 (LWP 101275/mcabber)]
> > 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
>
> Try "ldd /usr/local/lib/libloudmouth-1.so.0.1.0". It looks like a
> Kerberos issue.
No errors. They do all exist. I double-checked it:
> Kerberos issue.
$ ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | perl -lne '/=>\s*(\S+)/ and not -e $1 and print $1'
Jung-uk Kim
Jul 28, 2016, 5:26:17 PM7/28/16
to
On 07/28/16 04:55 PM, Bertram Scharpf wrote:
> On Thursday, 28. Jul 2016, 15:37:00 -0400, Jung-uk Kim wrote:
>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
>>>
>>> Program received signal SIGSEGV, Segmentation fault.
>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
>>
>> Try "ldd /usr/local/lib/libloudmouth-1.so.0.1.0". It looks like a
>> Kerberos issue.
>
> No errors. They do all exist. I double-checked it:
>
> $ ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | perl -lne '/=>\s*(\S+)/ and not -e $1 and print $1'
I guess you misunderstood. I didn't mean you have a missing library. I
> On Thursday, 28. Jul 2016, 15:37:00 -0400, Jung-uk Kim wrote:
>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
>>>
>>> Program received signal SIGSEGV, Segmentation fault.
>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
>>
>> Try "ldd /usr/local/lib/libloudmouth-1.so.0.1.0". It looks like a
>> Kerberos issue.
>
> No errors. They do all exist. I double-checked it:
>
> $ ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | perl -lne '/=>\s*(\S+)/ and not -e $1 and print $1'
believe it links *two* libcrypto.so's, i.e., one from base and one from
ports.
Jung-uk Kim
Bertram Scharpf
Jul 28, 2016, 5:37:51 PM7/28/16
to
# ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | grep libcrypto
libcrypto.so.8 => /usr/local/lib/libcrypto.so.8 (0x28d00000)
libcrypto.so.7 => /lib/libcrypto.so.7 (0x2925b000)
So, how could I resolve this?
Jung-uk Kim
Jul 28, 2016, 5:57:12 PM7/28/16
to
On 07/28/16 05:37 PM, Bertram Scharpf wrote:
> On Thursday, 28. Jul 2016, 17:25:50 -0400, Jung-uk Kim wrote:
>> On 07/28/16 04:55 PM, Bertram Scharpf wrote:
>>> On Thursday, 28. Jul 2016, 15:37:00 -0400, Jung-uk Kim wrote:
>>>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
>>>>>
>>>>> Program received signal SIGSEGV, Segmentation fault.
>>>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
>>>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
>>>>
>>>> Try "ldd /usr/local/lib/libloudmouth-1.so.0.1.0". It looks like a
>>>> Kerberos issue.
>>>
>>> No errors. They do all exist. I double-checked it:
>>>
>>> $ ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | perl -lne '/=>\s*(\S+)/ and not -e $1 and print $1'
>>
>> I guess you misunderstood. I didn't mean you have a missing library. I
>> believe it links *two* libcrypto.so's, i.e., one from base and one from
>> ports.
>
> Indeed:
>
> # ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | grep libcrypto
> libcrypto.so.8 => /usr/local/lib/libcrypto.so.8 (0x28d00000)
> libcrypto.so.7 => /lib/libcrypto.so.7 (0x2925b000)
>
> So, how could I resolve this?
You may ask its maintainer (gn...@FreeBSD.org) to add USES+=gssapi and
> On Thursday, 28. Jul 2016, 17:25:50 -0400, Jung-uk Kim wrote:
>> On 07/28/16 04:55 PM, Bertram Scharpf wrote:
>>> On Thursday, 28. Jul 2016, 15:37:00 -0400, Jung-uk Kim wrote:
>>>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
>>>>>
>>>>> Program received signal SIGSEGV, Segmentation fault.
>>>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
>>>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
>>>>
>>>> Try "ldd /usr/local/lib/libloudmouth-1.so.0.1.0". It looks like a
>>>> Kerberos issue.
>>>
>>> No errors. They do all exist. I double-checked it:
>>>
>>> $ ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | perl -lne '/=>\s*(\S+)/ and not -e $1 and print $1'
>>
>> I guess you misunderstood. I didn't mean you have a missing library. I
>> believe it links *two* libcrypto.so's, i.e., one from base and one from
>> ports.
>
> Indeed:
>
> # ldd /usr/local/lib/libloudmouth-1.so.0.1.0 | grep libcrypto
> libcrypto.so.8 => /usr/local/lib/libcrypto.so.8 (0x28d00000)
> libcrypto.so.7 => /lib/libcrypto.so.7 (0x2925b000)
>
> So, how could I resolve this?
add an option to select GSS-API from ports. Another solution may be
removing all packages depending on /usr/local/lib/libcrypto.8 and
rebuilding them with base OpenSSL.
Jung-uk Kim
Bertram Scharpf
Jul 29, 2016, 6:15:38 AM7/29/16
to
# pkg info -qr openssl-1.0.2_14 | wc -l
38
The first thing I do not understand is why it is so
important for so many packages to pull in the package.
# openssl version
OpenSSL 1.0.1t-freebsd 3 May 2016
# /usr/local/bin/openssl version
WARNING: can't open config file: /usr/local/openssl/openssl.cnf
OpenSSL 1.0.2h 3 May 2016
The second thing I do not understand is why GSS-API should
help. I searched for USES+=gssapi and did find only four
projects that really have it. None of them is installed
here.
$ rbfind /usr/ports 'prune if name == "work" ; name == "Makefile" and grep /\bUSES.*gssapi/'
Many ports have GSSAPI disabled here and they do not
segfault because of an OpenSSL conflict. Example:
# grep -h 'SET.*GSS' /var/db/ports/databases_postgresql95-*/options
OPTIONS_FILE_UNSET+=GSSAPI
OPTIONS_FILE_UNSET+=GSSAPI
The third thing I do not understand is why there is an
OpenSSL conflict at all. I definitely told loudmouth to use
GnuTLS.
# grep SSL\\\|TLS /var/db/ports/net-im_loudmouth/options
_FILE_COMPLETE_OPTIONS_LIST=DOCS GNUTLS OPENSSL
OPTIONS_FILE_SET+=GNUTLS
OPTIONS_FILE_UNSET+=OPENSSL
# make run-depends-list build-depends-list | grep ssl\\\|tls
/usr/ports/security/gnutls
/usr/ports/security/gnutls
This appears to be a real port bug to me.
Kimmo Paasiala
Jul 29, 2016, 1:01:28 PM7/29/16
to
works. If you link against the base system GSSAPI you will pull in the
base system OpenSSL as well and that can't be avoided regardless of
which version of OpenSSL your port links against. The situation is
exactly the same with for example ftp/curl, see this discussion from
last year:
https://lists.freebsd.org/pipermail/freebsd-ports/2015-April/098651.html
-Kimmo
Bertram Scharpf
Aug 1, 2016, 6:13:35 AM8/1/16
to
On Friday, 29. Jul 2016, 20:00:54 +0300, Kimmo Paasiala wrote:
> >> >>>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
> >> >>>>>
> >> >>>>> Program received signal SIGSEGV, Segmentation fault.
> >> >>>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
> >> >>>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
> >> >>>>
>
> >> >>>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
> >> >>>>>
> >> >>>>> Program received signal SIGSEGV, Segmentation fault.
> >> >>>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
> >> >>>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
> >> >>>>
>
> It's not exactly a port bug, it's a consequence of how dynamic linking
> works.
As long as an installation with any configuration yields an
> works.
unconditional segmentation fault on startup, it _is_ a port
bug.
However, I have several bug reports and fixes running
anunswered for months. I do not expect anything edifying to
happen if I submit another problem report.
Bertram Scharpf
Aug 1, 2016, 6:35:38 AM8/1/16
to
On Thursday, 28. Jul 2016, 17:56:46 -0400, Jung-uk Kim wrote:
> On 07/28/16 05:37 PM, Bertram Scharpf wrote:
> >>>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
> >>>>>
> >>>>> Program received signal SIGSEGV, Segmentation fault.
> >>>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
> >>>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
> >
> >>>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
> >>>>>
> >>>>> Program received signal SIGSEGV, Segmentation fault.
> >>>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
> >>>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
> >
> > So, how could I resolve this?
> You may ask its maintainer (gn...@FreeBSD.org) to add USES+=gssapi and
> add an option to select GSS-API from ports.
Where is the appropriate GSS-API in ports?
> You may ask its maintainer (gn...@FreeBSD.org) to add USES+=gssapi and
> add an option to select GSS-API from ports.
Thanks in advance.
Bertram Scharpf
Aug 1, 2016, 5:17:11 PM8/1/16
to
On Thursday, 28. Jul 2016, 17:56:46 -0400, Jung-uk Kim wrote:
> On 07/28/16 05:37 PM, Bertram Scharpf wrote:
> On 07/28/16 05:37 PM, Bertram Scharpf wrote:
> >>> On Thursday, 28. Jul 2016, 15:37:00 -0400, Jung-uk Kim wrote:
> >>>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
> >>>>>
> >>>>> Program received signal SIGSEGV, Segmentation fault.
> >>>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
> >>>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
> >>>>
> >>>> On 07/28/16 02:02 PM, Bertram Scharpf wrote:
> >>>>>
> >>>>> Program received signal SIGSEGV, Segmentation fault.
> >>>>> [Switching to Thread 29403080 (LWP 101275/mcabber)]
> >>>>> 0x285c1245 in OPENSSL_ia32_cpuid () from /usr/local/lib/libcrypto.so.8
> >>>>
> >>>> Try "ldd /usr/local/lib/libloudmouth-1.so.0.1.0". It looks like a
> >>>> Kerberos issue.
> >
> >>>> Kerberos issue.
> >
> > So, how could I resolve this?
> You may ask its maintainer (gn...@FreeBSD.org) to add USES+=gssapi and
> add an option to select GSS-API from ports.
I looked at the other 4(!) projects that set something like
> You may ask its maintainer (gn...@FreeBSD.org) to add USES+=gssapi and
> add an option to select GSS-API from ports.
USES+=gssapi and copied that to loudmouth, and I even had to
copy it to irssi. Now the segfault has gone away.
The patch is below.
I will not write a problem report as long as my running
problem reports aren't deemed worthy of an answer.
Bertram
________________________________________________________________________
diff --git a/irc/irssi/Makefile b/irc/irssi/Makefile
index d9a89fe..f7f9e45 100644
--- a/irc/irssi/Makefile
+++ b/irc/irssi/Makefile
@@ -43,6 +43,7 @@ TRUECOLOR_CONFIGURE_ENABLE= true-color
CONFIGURE_ARGS+= --disable-ssl
.else
USE_OPENSSL= yes
+USES+=gssapi:base,flags
.endif
post-patch:
diff --git a/net-im/loudmouth/Makefile b/net-im/loudmouth/Makefile
index ead1d4e..0a86d13 100644
--- a/net-im/loudmouth/Makefile
+++ b/net-im/loudmouth/Makefile
@@ -29,6 +29,8 @@ OPTIONS_DEFAULT=GNUTLS
OPTIONS_RADIO= SSL
OPTIONS_RADIO_SSL= GNUTLS OPENSSL
+USES+=gssapi:base,flags
+
.include <bsd.port.options.mk>
.if ${PORT_OPTIONS:MGNUTLS}
0 new messages