Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 647976 - dev-libs/apr-util-1.6.1 with >=dev-libs/openssl-1.1.0 - crypto/apr_crypto_openssl.c:116:5: warning: implicit declaration of function ‘ERR_free_strings’
Summary: dev-libs/apr-util-1.6.1 with >=dev-libs/openssl-1.1.0 - crypto/apr_crypto_ope...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Lars Wendler (Polynomial-C)
URL:
Whiteboard:
Keywords: PATCH
Depends on:
Blocks: openssl-1.1 openssl-1.1_disable-deprecated
  Show dependency tree
 
Reported: 2018-02-18 06:04 UTC by Quentin Minster
Modified: 2018-10-24 16:27 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
build.log (file_647976.txt,68.35 KB, text/plain)
2018-02-18 06:04 UTC, Quentin Minster
Details
apr-util-1.6.1-openssl-1.1.0-compat.patch (apr-util-1.6.1-openssl-1.1.0-compat.patch,865 bytes, patch)
2018-02-18 06:08 UTC, Quentin Minster
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Quentin Minster 2018-02-18 06:04:40 UTC
Created attachment 519914 [details]
build.log

I get warnings about the following undeclared functions when building dev-libs/apr-util-1.6.1:
* ERR_free_strings()
* EVP_cleanup()
* ENGINE_cleanup()
* ERR_load_crypto_strings()
* OpenSSL_add_all_algorithms()

These functions are deprecated in OpenSSL 1.1.0, and no longer declared without some compatibility layer enabled. Moreover, the OpenSSL 1.1.0 .so does *not* provide them.
So even if these are mere warnings, the resulting .so will fail to load when used.

To see this for yourself (needs =dev-libs/apr-util-1.6.1 built against =dev-libs/openssl-1.1.0g obviously, and installed):

  $ python
  > import os
  > import ctypes
  > lib = ctypes.CDLL('/usr/lib64/libaprutil-1.so.0.6.1', mode=os.RTLD_GLOBAL)
  # above load is required as the apr-util crypto lib is meant to plug into it
  > libcrypto = ctypes.CDLL('/usr/lib64/apr-util-1/apr_crypto_openssl.so')
  # fails with error: undefined symbol ENGINE_cleanup
Comment 1 Quentin Minster 2018-02-18 06:08:22 UTC
Created attachment 519916 [details, diff]
apr-util-1.6.1-openssl-1.1.0-compat.patch

Patch that removes the unneeded, deprecated function calls. Note I only checked that the library loads fine afterwards (using above Python/ctypes technique).

This has been submitted upstream [0].


[0]: https://github.com/apache/apr/pull/9
Comment 2 Arfrever Frehtes Taifersar Arahesis 2018-02-19 19:10:25 UTC
https://github.com/apache/apr is a mirror and you are unlikely to get any answer there. See: https://apr.apache.org/patches.html
Comment 3 Thomas Deutschmann gentoo-dev Security 2018-08-28 11:38:23 UTC
I think you shouldn't use "APR_USE_OPENSSL_PRE_1_1_API". Use something like

> #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)

See comments like http://mail-archives.apache.org/mod_mbox/apr-commits/201806.mbox/%3C20180627230539.1C6B03A0102@svn01-us-west.apache.org%3E
Comment 4 Lars Wendler (Polynomial-C) gentoo-dev 2018-09-29 18:15:12 UTC
Since we decided to no longer build openssl without deprecated features, this
bug can now be considered as fixed (but will eventually reappear once openssl
upstream finally removed deprecated features from their code).