Re: openssl 0.9.8 breaking things
On Thu, Sep 29, 2005 at 11:05:33AM +0200, Mark Edwards wrote: > On Sep 28, 2005, at 7:26 PM, Gary Kline wrote: > > I think I have a clue as to why this is becoming complicated. I > didn't have either WITH_OPENSSL_BASE=yes or WITH_OPENSSL_PORT=yes in / > etc/make.conf. What must be happening is that some things are using > the base openssl, and some are using the port, which is causing a > conflict. That's my guess. For whatever reason, the 0.9.7g port > doesn't cause a conflict, whereas 0.9.8 does. > > I don't really see the point of having the openssl port installed, in > my case. Its only installed because some port wanted it and built > it, and I didn't have WITH_OPENSSL_BASE=yes set. So, I'm now going > to set WITH_OPENSSL_BASE=yes, remove the openssl port, and rebuild > everything that depended upon the openssl port. Thanks for finding this! I believe in the KISS philosophy: "Keep it simple, Sir". The only time I used a non-system-default port was when the default named was v8 and I used the v9 in ports. Otherwise, FreeBSD has a great selection of security programs as its default. It may be that some admins go for the bleeding-edge ports. --Anyway, I've added the openssl_base=yes to make.conf. I've added "openssl" to the local/etc/pkgtools.conf to my "HOLD_PKGS" list. gary > > Can anyone either refute any of the above guesses, or tell me why I > am a fool to go with the base openssl rather than the port? > > Thanks! > > -- > Mark Edwards > [EMAIL PROTECTED] > cell: +46704070332 > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: openssl 0.9.8 breaking things
On Sep 28, 2005, at 7:26 PM, Gary Kline wrote: On Wed, Sep 28, 2005 at 06:48:03PM +0200, Daniel Gerzo wrote: Hello Mark, Wednesday, September 28, 2005, 6:41:47 PM, you contributed this to our collective wisdom: Just upgraded to openssl 0.9.8 and things are breaking, namely exim and cyrus-imap. Non-SSL connections work, SSL connections cause a segfault. I'm going back to 0.9.7g using the WITH_OPENSSL_097 flag, but is there some way to make this work with 0.9.8? Have I totally missed something here? you need to recompile your software (exim,cyrus-imap,...) against new openssl libs. I'll toss in my two cents here just FWIW. I had troubles with all sorts of sh* (stuff) breaking when I touched openssl. I had not---or maybe I did, inadvertently--used the openssl "port". I *had* to use /usr/src/secure/openssl/<>; when applications began breaking. I pkg_deleted openssl and rebuilt the native /usr/src/* stuff. These apps are tightly interdependent; that's why you are seeing things break. This may or may not work generally. It cost me at least a day's investigation ... and I'm *still* not sure that everything's right. I think I have a clue as to why this is becoming complicated. I didn't have either WITH_OPENSSL_BASE=yes or WITH_OPENSSL_PORT=yes in / etc/make.conf. What must be happening is that some things are using the base openssl, and some are using the port, which is causing a conflict. That's my guess. For whatever reason, the 0.9.7g port doesn't cause a conflict, whereas 0.9.8 does. I don't really see the point of having the openssl port installed, in my case. Its only installed because some port wanted it and built it, and I didn't have WITH_OPENSSL_BASE=yes set. So, I'm now going to set WITH_OPENSSL_BASE=yes, remove the openssl port, and rebuild everything that depended upon the openssl port. Can anyone either refute any of the above guesses, or tell me why I am a fool to go with the base openssl rather than the port? Thanks! -- Mark Edwards [EMAIL PROTECTED] cell: +46704070332 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: openssl 0.9.8 breaking things
On Sep 28, 2005, at 7:26 PM, Gary Kline wrote: On Wed, Sep 28, 2005 at 06:48:03PM +0200, Daniel Gerzo wrote: Hello Mark, Wednesday, September 28, 2005, 6:41:47 PM, you contributed this to our collective wisdom: Just upgraded to openssl 0.9.8 and things are breaking, namely exim and cyrus-imap. Non-SSL connections work, SSL connections cause a segfault. I'm going back to 0.9.7g using the WITH_OPENSSL_097 flag, but is there some way to make this work with 0.9.8? Have I totally missed something here? you need to recompile your software (exim,cyrus-imap,...) against new openssl libs. This is FreeBSD 4.11. Thanks! I'll toss in my two cents here just FWIW. I had troubles with all sorts of sh* (stuff) breaking when I touched openssl. I had not---or maybe I did, inadvertently--used the openssl "port". I *had* to use /usr/src/secure/openssl/<>; when applications began breaking. I pkg_deleted openssl and rebuilt the native /usr/src/* stuff. These apps are tightly interdependent; that's why you are seeing things break. This may or may not work generally. It cost me at least a day's investigation ... and I'm *still* not sure that everything's right. gary I take back what I said about things working. I was fooled into thinking things were working when I had deinstalled 0.9.8 and things started working again. I reinstalled 0.9.8 and things broke again, with no other changes. Now I'm reinstalling 0.9.7g and hoping for the best. I guess I have to install 0.9.8 and clean install everything that depends on it, at a time when I can have everything broken for several hours. Just rebuilding cyrus-imap, cyrus-sasl, and exim didn't do it. -- Mark Edwards [EMAIL PROTECTED] cell: +46704070332 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: openssl 0.9.8 breaking things
On Wed, Sep 28, 2005 at 06:48:03PM +0200, Daniel Gerzo wrote: > Hello Mark, > > Wednesday, September 28, 2005, 6:41:47 PM, you contributed this to our > collective wisdom: > > > Just upgraded to openssl 0.9.8 and things are breaking, namely exim and > > cyrus-imap. Non-SSL connections work, SSL connections cause a segfault. > > > I'm going back to 0.9.7g using the WITH_OPENSSL_097 flag, but is there > > some way to make this work with 0.9.8? Have I totally missed something > > here? > > you need to recompile your software (exim,cyrus-imap,...) against new > openssl libs. > > > This is FreeBSD 4.11. Thanks! > I'll toss in my two cents here just FWIW. I had troubles with all sorts of sh* (stuff) breaking when I touched openssl. I had not---or maybe I did, inadvertently--used the openssl "port". I *had* to use /usr/src/secure/openssl/<>; when applications began breaking. I pkg_deleted openssl and rebuilt the native /usr/src/* stuff. These apps are tightly interdependent; that's why you are seeing things break. This may or may not work generally. It cost me at least a day's investigation ... and I'm *still* not sure that everything's right. gary -- Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: openssl 0.9.8 breaking things
On Sep 28, 2005, at 6:48 PM, Daniel Gerzo wrote: Hello Mark, Wednesday, September 28, 2005, 6:41:47 PM, you contributed this to our collective wisdom: Just upgraded to openssl 0.9.8 and things are breaking, namely exim and cyrus-imap. Non-SSL connections work, SSL connections cause a segfault. I'm going back to 0.9.7g using the WITH_OPENSSL_097 flag, but is there some way to make this work with 0.9.8? Have I totally missed something here? you need to recompile your software (exim,cyrus-imap,...) against new openssl libs. Thanks, I'm getting it under control now. I tried recompiling things at first, but I missed a component, which made it seem like there was just an incompatibility. Its slowly coming back to life now... -- Mark Edwards [EMAIL PROTECTED] cell: +46704070332 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: openssl 0.9.8 breaking things
Hello Mark, Wednesday, September 28, 2005, 6:41:47 PM, you contributed this to our collective wisdom: > Just upgraded to openssl 0.9.8 and things are breaking, namely exim and > cyrus-imap. Non-SSL connections work, SSL connections cause a segfault. > I'm going back to 0.9.7g using the WITH_OPENSSL_097 flag, but is there > some way to make this work with 0.9.8? Have I totally missed something > here? you need to recompile your software (exim,cyrus-imap,...) against new openssl libs. > This is FreeBSD 4.11. Thanks! -- Best Regards, DanGer, ICQ: 261701668 | e-mail protecting at: http://www.2pu.net/ http://danger.rulez.sk | proxy list at:http://www.proxy-web.com/ | FreeBSD - The Power to Serve! [ Was Jimi Hendrix's modem a `[1;35mPurple Hayes`[0m? ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
