On 23/03/2015 14:38, Gerhard Schmidt wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 23.03.2015 15:14, Dewayne Geraghty wrote:
On 24/03/2015 12:16 AM, Gerhard Schmidt wrote:
On 23.03.2015 13:40, Guido Falsi wrote:
On 03/23/15 11:33, Gerhard Schmidt wrote:
Hi,
we experiencing a problem after upgrading the openssl port to openssl
1.0.2.
/usr/bin/vi started to crash after some seconds with segfault.
/rescue/vi works just fine. Deleting the openssl 1.0.2 package
everything works just fine again. Installing the old openssl 1.0.1_18
package it still works just fine.
it seams that besides vi the bash also has this problem. Anybody
experiencing the same or is this something specific to my system.
I'm running FreeBSD 10.1 updated tonight.
I am seeing runtime problems with asterisk13 (which I maintain), caused
by the OpenSSL update fallout.
In this case, after some analysis, I concluded the problem is the
libsrtp port requiring OpenSSL from ports(for a reason), causing
asterisk to link to that too, which would be correct.
Asterisk also uses the security/trousers port, which links to system
OpenSSL. This ensues a conflict which now results in asterisk
segfaulting and stopping to work.
I'm investigating what can be done about this. As a local solution I can
force the trousers port to link against OpenSSL from ports, but this
will not fix the general problem. As a port maintaner I ony see
modifying the trousers port to depend on ports OpenSSL as a solution, is
this acceptable?
Most Ports link against the port openssl if its installed and agains the
system openssl if not. That should be the prefered way to handle problem.
I don't know if an incompatibility between system an port openssl is a
problem. I've removed the portbuild openssl from this server completely.
As far as i can see the problem is with openldap-client build agains the
ports openssl and used by nss_ldap or pam_ldap modul. I will do some
testing when my test host is ready. Testing on an Production server is
not that good :-)
Regards
Estartu
I only use openssl from ports and have just completed a rebuild of 662
packages for server requirements and include: trousers, ldap client and
server, and 71 other ports built without any issues on amd64 10.1Stable
using clang. Not so successful on i386 but I don't believe its related
to openssl.
I never had an issue building anything. Using it is the problem. Setup
authentication via ldap (nss_ldap) and you are in hell. Bash crashes
when you try to login. vi crashes when you try to change a file.
Anything that uses nsswitch has some problems.
Does rebuilding all ports with WITH_OPENSSL_PORT=yes set in
/etc/make.conf help?
Regards
Steve
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[email protected]"
