You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2020/05/10 22:25:58 UTC
[Bug 64419] New: Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
https://bz.apache.org/bugzilla/show_bug.cgi?id=64419
Bug ID: 64419
Summary: Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
Product: Tomcat Native
Version: 1.2.23
Hardware: PC
OS: FreeBSD
Status: NEW
Severity: normal
Priority: P2
Component: Library
Assignee: dev@tomcat.apache.org
Reporter: gessel@blackrosetech.com
Target Milestone: ---
--- src/ssl.lo ---
In file included from src/ssl.c:24:
./include/ssl_private.h:220:9: warning: 'OPENSSL_VERSION' macro redefined
[-Wmacro-redefined]
#define OPENSSL_VERSION SSLEAY_VERSION
^
/usr/local/include/openssl/crypto.h:329:9: note: previous definition is here
#define OPENSSL_VERSION 0
^
src/ssl.c:301:9: warning: implicit declaration of function
'SSL_CTX_set_keylog_callback' is invalid in C99
[-Wimplicit-function-declaration]
SSL_CTX_set_keylog_callback(ctx, ssl_keylog_callback);
^
src/ssl.c:789:41: error: use of undeclared identifier 'thread_exit_key'; did
you mean 'pthread_exit'?
err = apr_threadkey_private_create(&thread_exit_key, _ssl_thread_exit,
^~~~~~~~~~~~~~~
pthread_exit
/usr/include/pthread.h:215:7: note: 'pthread_exit' declared here
void pthread_exit(void *) __dead2;
^
src/ssl.c:789:58: error: use of undeclared identifier '_ssl_thread_exit'
err = apr_threadkey_private_create(&thread_exit_key, _ssl_thread_exit,
^
src/ssl.c:796:5: error: use of undeclared identifier 'threadkey_initialized'
threadkey_initialized = 1;
^
src/ssl.c:799:5: warning: implicit declaration of function 'ssl_thread_setup'
is invalid in C99 [-Wimplicit-function-declaration]
ssl_thread_setup(tcn_global_pool);
^
3 warnings and 3 errors generated.
*** [src/ssl.lo] Error code 1
FreeBSD 11.3-RELEASE-p8 #0 r360490
1.2.23 compiled successfully, but 1.2.24 is throwing errors.
tomcat-native-1.2.23 < needs updating (index has 1.2.24)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64419] Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64419
--- Comment #2 from Michael Osipov <mi...@apache.org> ---
As previously discussed with gessel and the Port maintainer of libtcnative, the
code works with OpenSSL. We don't have an official position no LibreSSL.
I will look into this later this day.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64419] Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64419
--- Comment #4 from Michael Osipov <mi...@apache.org> ---
This is what LibreSSL 3.1.1 defines:
> [mosipov@mika-ion ~/Projekte/tomcat-native/native]$ grep -ri -E -e '#define .+_version' /usr/local/include/openssl/
> /usr/local/include/openssl/crypto.h:#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
> /usr/local/include/openssl/crypto.h:#define SSLEAY_VERSION 0
> /usr/local/include/openssl/crypto.h:#define OPENSSL_VERSION 0
> /usr/local/include/openssl/opensslv.h:#define LIBRESSL_VERSION_NUMBER 0x3010100fL
> /usr/local/include/openssl/opensslv.h:#define LIBRESSL_VERSION_TEXT "LibreSSL 3.1.1"
> /usr/local/include/openssl/opensslv.h:#define OPENSSL_VERSION_NUMBER 0x20000000L
> /usr/local/include/openssl/opensslv.h:#define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT
> /usr/local/include/openssl/opensslv.h:#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
> /usr/local/include/openssl/opensslv.h:#define SHLIB_VERSION_HISTORY ""
> /usr/local/include/openssl/opensslv.h:#define SHLIB_VERSION_NUMBER "1.0.0"
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64419] Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64419
Michael Osipov <mi...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #7 from Michael Osipov <mi...@apache.org> ---
I will supersede this ticket with a new, general one. Downstream patches have
been applied, but upstream is still broken.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64419] Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64419
--- Comment #6 from gessel <ge...@blackrosetech.com> ---
tomcat-native-1.2.24_1 builds successfully, thank you!
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64419] Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64419
--- Comment #5 from Michael Osipov <mi...@apache.org> ---
As soon as I revert b8649e81458194d70667952d9e26df82a79c773f I only see and the
code compiles
> ./include/ssl_private.h:220:9: warning: 'OPENSSL_VERSION' macro redefined [-Wmacro-redefined]
> #define OPENSSL_VERSION SSLEAY_VERSION
> ^
> /usr/local/include/openssl/crypto.h:329:9: note: previous definition is here
> #define OPENSSL_VERSION 0
> ^
> src/ssl.c:301:9: warning: implicit declaration of function 'SSL_CTX_set_keylog_callback' is invalid in C99
> [-Wimplicit-function-declaration]
> SSL_CTX_set_keylog_callback(ctx, ssl_keylog_callback);
> ^
It pretty much seems that the the change was incomplete -- as assumed.
Shall we revert for now?
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64419] Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64419
Michael Osipov <mi...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ale@FreeBSD.org,
| |michaelo@apache.org,
| |rainer.jung@kippdata.de
--- Comment #3 from Michael Osipov <mi...@apache.org> ---
OK, there are several issues here. They aren't FreeBSD specific, but the issue
is the incomplete LibreSSL coverage:
> ./include/ssl_private.h:220:9: warning: 'OPENSSL_VERSION' macro redefined [-Wmacro-redefined]
> #define OPENSSL_VERSION SSLEAY_VERSION
> ^
> /usr/local/include/openssl/crypto.h:329:9: note: previous definition is here
> #define OPENSSL_VERSION 0
> ^
The ifdef around this block assumes that LibreSSL at some point did not have
these definitions.
> src/ssl.c:301:9: warning: implicit declaration of function 'SSL_CTX_set_keylog_callback' is invalid in C99
> [-Wimplicit-function-declaration]
> SSL_CTX_set_keylog_callback(ctx, ssl_keylog_callback);
> ^
LibeSSL does not support this. This patch solves the issue:
> diff --git a/native/include/ssl_private.h b/native/include/ssl_private.h
> index d88e393d..26495e46 100644
> --- a/native/include/ssl_private.h
> +++ b/native/include/ssl_private.h
> @@ -241,7 +241,7 @@
> #define TLS_server_method SSLv23_server_method
> #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) */
>
> -#if OPENSSL_VERSION_NUMBER >= 0x10101000L
> +#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
> #define HAVE_KEYLOG_CALLBACK
> #endif
> src/ssl.c:789:41: error: use of undeclared identifier 'thread_exit_key'; did you mean 'pthread_exit'?
> err = apr_threadkey_private_create(&thread_exit_key, _ssl_thread_exit,
> ^~~~~~~~~~~~~~~
> pthread_exit
> /usr/include/pthread.h:215:7: note: 'pthread_exit' declared here
> void pthread_exit(void *) __dead2;
> ^
> src/ssl.c:789:58: error: use of undeclared identifier '_ssl_thread_exit'
> err = apr_threadkey_private_create(&thread_exit_key, _ssl_thread_exit,
> ^
> src/ssl.c:796:5: error: use of undeclared identifier 'threadkey_initialized'
> threadkey_initialized = 1;
> ^
> src/ssl.c:799:5: warning: implicit declaration of function 'ssl_thread_setup' is invalid in C99
> [-Wimplicit-function-declaration]
> ssl_thread_setup(tcn_global_pool);
> ^
As sad as it seems. With the ifdefs around threaded init and OpenSSL 1.1.0+ the
coverage of LibreSSL seems to be incomplete because LibreSSL reports OpenSSL
version 0.
To solve this properly, we need to do the following:
* Require a minimum LibreSSL
* Test for that LibreSSL version in ./configure
* Figure out whether LibreSSL inits threading itself like OpenSSL 1.1.0+
* Revise code blocks for LibreSSL compat:
> [mosipov@mika-ion ~/Projekte/tomcat-native/native]$ grep -r "OPENSSL_VERSION_NUMBER < 0x10100000L" .
> ./include/ssl_private.h:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./include/ssl_private.h:#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) */
> ./include/ssl_private.h:#if (OPENSSL_VERSION_NUMBER < 0x10100000L) && ! (defined(WIN32) || defined(WIN64))
> ./src/ssl.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/ssl.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/ssl.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L && ! (defined(WIN32) || defined(WIN64))
> ./src/ssl.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/ssl.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/ssl.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/ssl.c:#if !defined(OPENSSL_NO_ENGINE) || OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/ssl.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/ssl.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/ssl.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/sslcontext.c:#endif /* if OPENSSL_VERSION_NUMBER < 0x10100000L */
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/sslcontext.c:#else /* if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) */
> ./src/sslcontext.c:#endif /* if OPENSSL_VERSION_NUMBER < 0x10100000L */
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/sslcontext.c:#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
> ./src/sslcontext.c:#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/sslcontext.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/sslinfo.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
> ./src/sslutils.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
> ./src/sslutils.c:#if OPENSSL_VERSION_NUMBER < 0x10100000L
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64419] Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64419
Michael Osipov <mi...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |regression
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64419] Build problem with tomcat-native on FreeBSD
11.3/LibreSSL
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64419
--- Comment #1 from gessel <ge...@blackrosetech.com> ---
Created attachment 37223
--> https://bz.apache.org/bugzilla/attachment.cgi?id=37223&action=edit
work directory of failed build
.7z file - tar.gz was over 1MB
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org