#63856 closed defect (fixed)
tor @0.4.4.6_1 fails to build
Reported by: | cculianu (Calin Culianu) | Owned by: | reneeotten (Renee Otten) |
---|---|---|---|
Priority: | Normal | Milestone: | |
Component: | ports | Version: | |
Keywords: | Cc: | hadrabap (Petr Hadraba), mascguy (Christopher Nielsen), balanco | |
Port: | tor |
Description
I'm on Big Sur 11.6.1, latest Xcode 13.1.
Latest Tor fails to build, the build log shows a compile error:
:info:build src/lib/tls/tortls_openssl.c:1198:3: warning: 'uint64_t' is not defined, evaluates to 0 [-Wundef] :info:build SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION != 0 :info:build ^ :info:build /opt/local/include/openssl/ssl.h:389:58: note: expanded from macro 'SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION ' :info:build # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_BIT(18) :info:build ^ :info:build /opt/local/include/openssl/ssl.h:343:26: note: expanded from macro 'SSL_OP_BIT' :info:build #define SSL_OP_BIT(n) ((uint64_t)1 << (uint64_t)n) :info:build ^ :info:build src/lib/tls/tortls_openssl.c:1198:3: error: token is not a valid binary operator in a preprocessor subexpres sion :info:build SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION != 0 :info:build ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ :info:build /opt/local/include/openssl/ssl.h:389:58: note: expanded from macro 'SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION ' :info:build # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_BIT(18) :info:build ^~~~~~~~~~~~~~ :info:build /opt/local/include/openssl/ssl.h:343:35: note: expanded from macro 'SSL_OP_BIT' :info:build #define SSL_OP_BIT(n) ((uint64_t)1 << (uint64_t)n) :info:build ~~~~~~~~~~^
Change History (15)
comment:1 Changed 3 years ago by cculianu (Calin Culianu)
Port: | tor added |
---|
comment:2 follow-up: 8 Changed 3 years ago by hadrabap (Petr Hadraba)
comment:3 Changed 3 years ago by hadrabap (Petr Hadraba)
Cc: | hadrabap added |
---|
comment:4 Changed 3 years ago by mascguy (Christopher Nielsen)
Cc: | mascguy added |
---|
comment:5 Changed 3 years ago by mascguy (Christopher Nielsen)
For those items that are broken, we'll either be fixing them to work with OpenSSL 3, or switching them back to OpenSSL 1.1.
As for the decision itself, we needed to move forward, and that's why it was done. And among other benefits, it also allows us to provide binaries for many, many other ports - which will significantly improve the user experience.
Please be patient as we work through all of this. There are a LOT of us actively working to fix these issues, and we're quickly making progress.
comment:6 Changed 3 years ago by balanco
Cc: | balanco added |
---|
comment:7 follow-up: 9 Changed 3 years ago by cculianu (Calin Culianu)
Ok, well I understand, as a software engineer myself -- sometimes it's better to move forward. It's sad that OpenSSL 3 claims compatibility, and indeed even stuff compiles against it ok, and then you get stuff breaking. Major stuff like even Python!
I will be patient. Thanks for the follow-up on this. And in some ways it's good to be moving on to a (hopefully) less buggy, more secure, better licensed implementation of OpenSSL.
Question though: how does a user that inadvertently upgraded to 3, revert back? I had to manually edit my ports tree in /opt/local/var
to basically *manually* undo the work of the commit that "switched to 3 by default". It would be nice if I could simply have done:
$ sudo port uninstall openssl@3
$ sudo port install openssl@1.1
Or something similar... :/
comment:8 Changed 3 years ago by reneeotten (Renee Otten)
Replying to hadrabap:
There is a fix for this in upstream repo: https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/389/diffs?commit_id=faf89589d0d41924bb63d610e51aa20c45a6655b
let's not take that commit, this is a MR - the actual change upstream committed is here. I'll try now to add that once I figure out how to get a .diff file from GitLab...
All of this stuff is caused by MacPorts switching to OpenSSL 3 which claims compatibility but the opposite is true. I have lot of ports broken by this decision, e.g. tor, git-crypt, yubico-piv-tool, opensc…
I'm very disappointed…
That's where you start to open a ticket for ports that don't currently build or you try to do the actual work yourself to make it build with openssl3 (or switch it back to openssl11 as described on the macports-dev mailinglist) and submit a PR. Alternatvily, as @mascguy says you wait a little bit until the dust settles.
comment:9 follow-up: 11 Changed 3 years ago by reneeotten (Renee Otten)
Replying to cculianu:
Question though: how does a user that inadvertently upgraded to 3, revert back? I had to manually edit my ports tree in
/opt/local/var
to basically *manually* undo the work of the commit that "switched to 3 by default". It would be nice if I could simply have done:
$ sudo port uninstall openssl@3
$ sudo port install openssl@1.1
Or something similar... :/
The procedure for installing an older port is described here.
comment:10 Changed 3 years ago by reneeotten (Renee Otten)
okay tor
is building now with openssl3
, I also updated it to version 0.4.4.8. Running the test-suite now if that all passes happily I'll commit the update/fix.
comment:11 Changed 3 years ago by cculianu (Calin Culianu)
Replying to reneeotten:
The procedure for installing an older port is described here.
Ah ok. So it's basically like what I did, in a way. I manually "reverted the commit" myself, by editing files directly in /opt/local/var/
. LOL.
Ok.. I guess due to the magic of rsync next time I do sudo port selfupdate
(which I will only run when I'm sure everything is fixed)... it will "repair" itself and undo my edits, right?
comment:12 follow-up: 13 Changed 3 years ago by reneeotten (Renee Otten)
Owner: | set to reneeotten |
---|---|
Resolution: | → fixed |
Status: | new → closed |
comment:13 Changed 3 years ago by reneeotten (Renee Otten)
Please test - I only verified that it builds and that there are no failures in the test-suite.
comment:14 Changed 3 years ago by i0ntempest
0.4.6.8 seems already have the patch in, any reason not upgrading to that version?
There is a fix for this in upstream repo: https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/389/diffs?commit_id=faf89589d0d41924bb63d610e51aa20c45a6655b
All of this stuff is caused by MacPorts switching to OpenSSL 3 which claims compatibility but the opposite is true. I have lot of ports broken by this decision, e.g. tor, git-crypt, yubico-piv-tool, opensc…
I'm very disappointed…