(n244517-f17fc5439f5) svn stuck forever in /usr/ports?
Guido Falsi
mad at madpilot.net
Wed Feb 3 08:49:39 UTC 2021
On 03/02/21 07:16, Hartmann, O. wrote:
> On Mon, 1 Feb 2021 03:24:45 +0000
> Rick Macklem <rmacklem at uoguelph.ca> wrote:
>
>> Rick Macklem wrote:
>>> Guido Falsi wrote:
>>> [good stuff snipped]
>>>> Performed a full bisect. Tracked it down to commit aa906e2a4957, adding
>>>> KTLS support to embedded OpenSSL.
>>>>
>>>> I filed a bug report about this:
>>>>
>>>> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253135
>>>>
>>>>
>>>> Apart from switching to svn:// scheme, another workaround is to build
>>>> base using WITHOUT_OPENSSL_KTLS.
>>> Just fyi, when I tested the daemons I have for nfs-over-tls (which use ktls),
>>> they acted like things were ok (no handshake problems), but the data
>>> ended up on the wire unencrypted (nfs-over-tls doesn't do a SSL_write(),
>>> so it depends on ktls to do the encryption).
>>>
>>> Since these daemons work fine with openssl3 in ports/security/openssl-devel,
>>> I suspect the ktls backport is not quite right. I've sent jhb@ email.
>> I was wrong on the above. I did a full buildworld/installworld and the daemons
>> now seem to work with the openssl in head/main.
>>
>> Btw, did anyone try rebuilding svn from sources after doing
>> the system upgrade?
>> (The openssl library calls and .h files definitely changed.)
>
> Yes, I did, on all boxes and its a pain in the a..., we had to rebuild EVERY port (at
> least, I did, to avoid further problem). Yesterday, on of our fastes boxes got ready and
> even with a full rebuild of the system AND a full rebuild of the ports (no poudriere,
> traditional way via make), the Apache 2.4 webservice doesn't work, and so does subversion
> not (Firefox reports problems with SSL handshake, subversion is stuck/frozen forever).
> I will run today another full world build today, hopefully finishing on friday (portmaster
> -dfR doesn't get everything in line on some ports, I assume).
Ass I said a confirmed woraround is building world with
WITHOUT_OPENSSL_KTLS defined.
--
Guido Falsi <mad at madpilot.net>
More information about the freebsd-current
mailing list