Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 592578

Summary: net-misc/openssh fails to build with >=dev-libs/openssl-1.1.0
Product: Gentoo Linux Reporter: Lars Wendler (Polynomial-C) (RETIRED) <polynomial-c>
Component: Current packagesAssignee: Gentoo's Team for Core System packages <base-system>
Status: RESOLVED FIXED    
Severity: normal CC: arthur, asturm, bertrand, candrews, dschridde+gentoobugs, gentoo_bugs_peep, giuseppe.scaglione.pa, hanno, hydrapolic, jasmin+gentoo, pacho, quentin, t, thomas.bettler, voyageur
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-November/035497.html
See Also: https://github.com/openssh/openssh-portable/pull/48
https://bugs.debian.org/828475
https://bugs.gentoo.org/show_bug.cgi?id=658408
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 592438, 624858    
Attachments: build.log
openssh-7.6p1-openssl-1.1.0-compatibility.patch
openssh-7.6p1-openssl-1.1.0-pthreads-collision.patch

Description Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2016-08-31 11:37:43 UTC
Created attachment 444606 [details]
build.log

checking OpenSSL header version... 1010000f (OpenSSL 1.1.0  25 Aug 2016)
checking OpenSSL library version... not found
configure: error: OpenSSL library not found.

!!! Please attach the following file when seeking support:
!!! /var/tmp/portage/net-misc/openssh-7.3_p1-r2/work/openssh-7.3p1/config.log


from config.log

| #define HAVE_OPENSSL 1
| /* end confdefs.h.  */
| 
|       #include <stdio.h>
|       #include <string.h>
|       #include <openssl/opensslv.h>
|       #include <openssl/crypto.h>
|       #define DATA "conftest.ssllibver"
| 
| int
| main ()
| {
| 
|               FILE *fd;
|               int rc;
| 
|               fd = fopen(DATA,"w");
|               if(fd == NULL)
|                       exit(1);
| 
|               if ((rc = fprintf(fd, "%08lx (%s)\n", (unsigned long)SSLeay(),
|                   SSLeay_version(SSLEAY_VERSION))) < 0)
|                       exit(1);
| 
|               exit(0);
| 
|   ;
|   return 0;
| }
configure:12368: result: not found
configure:12370: error: OpenSSL library not found.
Comment 1 Patrick McLean gentoo-dev 2016-09-20 03:43:22 UTC
It looks like someone has come up with a patch

https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-September/035378.html

I would probably wait for the next release though, that is not exactly a small patch.
Comment 2 Quentin Minster 2018-02-08 02:24:50 UTC
I got =net-misc/openssh-7.6_p1-r3 to build against =dev-libs/openssl-1.1.0g-r2, with the following patches:
* PR #48 from GitHub: https://patch-diff.githubusercontent.com/raw/openssh/openssh-portable/pull/48.patch
* the attached openssh-7.6p1-openssl-1.1.0-compatibility.patch to stop using OpenSSL's compat APIs not enabled by default
* the attached openssh-7.6p1-openssl-1.1.0-pthreads-collision.patch to prevent function name collisions with <pthread.h> since OpenSSL 1.1 unconditionally includes it on Linux when built with threading support

Hope it helps.
Comment 3 Quentin Minster 2018-02-08 02:25:27 UTC
Created attachment 518526 [details, diff]
openssh-7.6p1-openssl-1.1.0-compatibility.patch
Comment 4 Quentin Minster 2018-02-08 02:25:47 UTC
Created attachment 518528 [details, diff]
openssh-7.6p1-openssl-1.1.0-pthreads-collision.patch
Comment 5 Tomáš Mózes 2018-03-29 14:34:20 UTC
Thanks Quentin, applying those 3 patches allows to compile openssh-7.6_p1-r5.
Comment 6 David Heidelberg (okias) 2018-03-31 14:39:19 UTC
Applied patches, works also well.

Thank you Quentin.
Comment 7 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2018-04-03 11:58:37 UTC
Seems like openssh upstream will never add openssl-1.1 support:

https://lists.mindrot.org/pipermail/openssh-unix-dev/2017-October/036346.html
Comment 8 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2018-09-13 12:16:01 UTC
upstream changed their mind and added openssl-1.1 compatibility:

https://github.com/openssh/openssh-portable/commit/482d23bcacdd3664f21cc82a5135f66fc598275f

https://github.com/openssh/openssh-portable/commit/48f54b9d12c1c79fba333bc86d455d8f4cda8cfc

If no big showstoppers appear, this will be in 7.9p1 release.
Comment 9 David Heidelberg (okias) 2018-09-15 10:55:48 UTC
meanwhile, really ugly patch all 1.1.1 (must be build without hpn)

mkdir -p /etc/portage/patches/net-misc/openssh
cd /etc/portage/patches/net-misc/openssh

and run there attached script (with chmod +x skript.sh )
=====

#!/bin/bash

declare -i i=0;
vars=( 9617816dbe73ec4d65075f4d897443f63a97c87f ea9c06e11d2e8fb2f4d5e02f8a41e23d2bd31ca9 039bf2a81797b8f3af6058d34005a4896a363221 2678833013e97f8b18f09779b7f70bcbf5eb2ab2 086cc614f550b7d4f100c95e472a6b6b823938ab db8bb80e3ac1bcb3e1305d846cd98c6b869bf03f 247766cd3111d5d8c6ea39833a3257ca8fb820f2 de37ca909487d23e5844aca289b3f5e75d3f1e1f 50e2687ee0941c0ea216d6ffea370ffd2c1f14b9 9405c6214f667be604a820c6823b27d0ea77937d 357128ac48630a9970e3af0e6ff820300a28da47 a70fd4ad7bd9f2ed223ff635a3d41e483057f23b ba9e788315b1f6a350f910cb2a9e95b2ce584e89 4cc259bac699f4d2a5c52b92230f9e488c88a223 f0fcd7e65087db8c2496f13ed39d772f8e38b088 41c115a5ea1cb79a6a3182773c58a23f760e8076 2de78bc7da70e1338b32feeefcc6045cf49efcd4 f803b2682992cfededd40c91818b653b5d923ef5 d70d061828730a56636ab6f1f24fe4a8ccefcfc1 482d23bcacdd3664f21cc82a5135f66fc598275f 86112951d63d48839f035b5795be62635a463f99 48f54b9d12c1c79fba333bc86d455d8f4cda8cfc 86e0a9f3d249d5580390daf58e015e68b01cef10 a3fd8074e2e2f06602e25618721f9556c731312c d64e78526596f098096113fcf148216798c327ff 0aa1f230846ebce698e52051a107f3127024a05a 488c9325bb7233e975dbfbf89fa055edc3d3eddc 1f24ac5fc05252ceb1c1d0e8cab6a283b883c780 6da046f9c3374ce7e269ded15d8ff8bc45017301 6c8b82fc6929b6a9a3f645151b6ec26c5507d9ef 6bc5a24ac867bfdc3ed615589d69ac640f51674b beb9e522dc7717df08179f9e59f36b361bfa14ab 9201784b4a257c8345fbd740bcbdd70054885707 4488ae1a6940af704c4dbf70f55bf2f756a16536 149519b9f201dac755f3cba4789f4d76fecf0ee1 cce8cbe0ed7d1ba3a575310e0b63c193326ae616 )
for fn in "${vars[@]}" ; do
	  echo "patch ${i} id ${fn}"
 	  wget -O `printf %03d $i`.patch "https://anongit.mindrot.org/openssh.git/patch/?id=$fn"
	i=i+1
done

===

ugly as f*ck, but gives you working up-to-date openssh with OpenSSL 1.1.1 support....
Comment 10 Brian Evans (RETIRED) gentoo-dev 2018-10-02 20:04:44 UTC
*** Bug 667606 has been marked as a duplicate of this bug. ***
Comment 11 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2018-10-24 12:33:47 UTC
openssh-7.9_p1 is in the tree now.