Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 670725 - mail-mta/postfix 3.4_pre20181104 with dev-libs/libressl-2.8.2 - ld: ../../lib/libpostfix-tls.so: undefined reference to `SSL_CTX_set_num_tickets'
Summary: mail-mta/postfix 3.4_pre20181104 with dev-libs/libressl-2.8.2 - ld: ../../lib...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Eclasses (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Net-Mail Packages
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-11-09 04:11 UTC by Reuben Farrelly
Modified: 2018-11-20 05:38 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments
Build fix for latest Postfix snapshots with libressl (libressl-fix-sslctx_setnumtickets.patch,550 bytes, patch)
2018-11-18 09:24 UTC, Reuben Farrelly
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Reuben Farrelly 2018-11-09 04:11:37 UTC
The latest Postfix snapshot ebuild: postfix-3.4_pre20181104.ebuild fails to build with LibreSSL-2.8.2.  There are some warnings, and then the build terminates with a fatal linking error:

x86_64-pc-linux-gnu-gcc -fPIC -I. -I../../include -DHAS_PCRE -DUSE_TLS -DHAS_LMDB -DDEF_SASL_SERVER=\"dovecot\" -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DNO_NIS -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -DU_DISABLE_RENAMING=1 -I/usr/include -DHAS_DEV_URANDOM -DSNAPSHOT -DDEF_SHLIB_DIR=\"/usr/lib64/postfix/\${mail_version}\" -DUSE_DYNAMIC_LIBS -UUSE_DYNAMIC_MAPS -Wmissing-prototypes -Wformat -Wno-comment  -O2 -pipe -march=native -mtune=native -Wno-comment -I. -I../../include -DLINUX4 -c smtpd_state.c
In file included from smtpd.h:33,
                 from smtpd_chat.c:109:
../../include/tls.h:95: warning: "OPENSSL_VERSION" redefined
 #define OPENSSL_VERSION SSLEAY_VERSION
 
In file included from /usr/include/openssl/bio.h:69,
                 from /usr/include/openssl/objects.h:959,
                 from ../../include/mail_params.h:21,
                 from smtpd_chat.c:100:
/usr/include/openssl/crypto.h:336: note: this is the location of the previous definition
 #define OPENSSL_VERSION  0
 
In file included from ../../include/tls_proxy.h:23,
                 from smtpd.c:1202:
../../include/tls.h:95: warning: "OPENSSL_VERSION" redefined
 #define OPENSSL_VERSION SSLEAY_VERSION
 
In file included from /usr/include/openssl/bio.h:69,
                 from /usr/include/openssl/objects.h:959,
                 from ../../include/mail_params.h:21,
                 from smtpd.c:1172:
/usr/include/openssl/crypto.h:336: note: this is the location of the previous definition
 #define OPENSSL_VERSION  0
 
In file included from smtpd.h:33,
                 from smtpd_check.c:256:
../../include/tls.h:95: warning: "OPENSSL_VERSION" redefined
 #define OPENSSL_VERSION SSLEAY_VERSION
 
In file included from /usr/include/openssl/bio.h:69,
                 from /usr/include/openssl/objects.h:959,
                 from ../../include/mail_params.h:21,
                 from smtpd_check.c:229:
/usr/include/openssl/crypto.h:336: note: this is the location of the previous definition
 #define OPENSSL_VERSION  0
 
Then a little later on:

x86_64-pc-linux-gnu-gcc -fPIC -I. -I../../include -DHAS_PCRE -DUSE_TLS -DHAS_LMDB -DDEF_SASL_SERVER=\"dovecot\" -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DNO_NIS -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -DU_DISABLE_RENAMING=1 -I/usr/include -DHAS_DEV_URANDOM -DSNAPSHOT -DDEF_SHLIB_DIR=\"/usr/lib64/postfix/\${mail_version}\" -DUSE_DYNAMIC_LIBS -UUSE_DYNAMIC_MAPS -Wmissing-prototypes -Wformat -Wno-comment  -O2 -pipe -march=native -mtune=native -Wno-comment -I. -I../../include -DLINUX4 -Wl,--enable-new-dtags -Wl,-rpath,/usr/lib64/postfix/3.4-20181104 -o smtpd smtpd.o smtpd_token.o smtpd_check.o smtpd_chat.o smtpd_state.o smtpd_peer.o smtpd_sasl_proto.o smtpd_sasl_glue.o smtpd_proxy.o smtpd_xforward.o smtpd_dsn_fix.o smtpd_milter.o smtpd_resolve.o smtpd_expand.o smtpd_haproxy.o ../../lib/libpostfix-master.so ../../lib/libpostfix-tls.so ../../lib/libxsasl.a ../../lib/libmilter.a ../../lib/libpostfix-dns.so ../../lib/libpostfix-global.so ../../lib/libpostfix-util.so -pie -Wl,-O1 -Wl,--as-needed -ldl -lpam -lssl -lcrypto -lsasl2 -llmdb -lpthread -L/usr/lib64 -lpcre -ldb -lnsl -lresolv -ldl -L/usr/lib64 -licui18n -licuuc -licudata 
/usr/lib/gcc/x86_64-pc-linux-gnu/8.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: ../../lib/libpostfix-tls.so: undefined reference to `SSL_CTX_set_num_tickets'
collect2: error: ld returned 1 exit status
make: *** [Makefile:85: smtpd] Error 1
make: *** [Makefile:100: update] Error 1
 * ERROR: mail-mta/postfix-3.4_pre20181104::gentoo failed (compile phase):
 *   emake failed

The previous snapshot builds just fine.  The breakage is almost certainly due to this upstream change that went into this snapshot:

20181104

	Multiple 'bit rot' fixes for OpenSSL API changes, including
	support to disable TLSv1.3, to avoid issuing multiple session
	tickets, and to allow OpenSSL >= 1.1.0 run-time micro version
	bumps without complaining about library version mismatches.
	Viktor Dukhovni. Files: proto/postconf.proto,
	proto/TLS_README.html, tls/tls.h, tls/tls_dane.c,
	tls/tls_server.c, tls/tls_misc.c

I'm raising this bug to track this problem, as this indicates we may need to make some adjustments to the existing libressl patches in order for this and future Postfix snapshots to compile.
Comment 1 Reuben Farrelly 2018-11-18 09:24:03 UTC
Created attachment 555532 [details, diff]
Build fix for latest Postfix snapshots with libressl

I wrote this very simple patch which fixes the build problem.
Comment 2 Larry the Git Cow gentoo-dev 2018-11-20 05:38:20 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8267b1cce057f59ee23f3a20a0a2bfcb8090ad7d

commit 8267b1cce057f59ee23f3a20a0a2bfcb8090ad7d
Author:     Eray Aslan <eras@gentoo.org>
AuthorDate: 2018-11-20 05:11:59 +0000
Commit:     Eray Aslan <eras@gentoo.org>
CommitDate: 2018-11-20 05:11:59 +0000

    mail-mta/postfix: bump to 3.4_pre20181118
    
    fixes libressl build.  Thanks to Reuben Farrelly
    Closes: https://bugs.gentoo.org/670725
    Package-Manager: Portage-2.3.51, Repoman-2.3.12
    Signed-off-by: Eray Aslan <eras@gentoo.org>

 mail-mta/postfix/Manifest                                     |  2 +-
 mail-mta/postfix/files/postfix-libressl-session-tickets.patch | 11 +++++++++++
 ...-3.4_pre20181104.ebuild => postfix-3.4_pre20181118.ebuild} |  3 ++-
 3 files changed, 14 insertions(+), 2 deletions(-)