hi guys, i was about to update libssh2 despite the lack of openssl > 1.0.2 support and checked: http://pkg.openindiana.org/hipster/en/search.shtml?token=libssh2&action=Search
there i saw "library/[email protected],5.11-2023.0.0.2:20230917T073330Z". still the old one so i fired up my userland vm and did a pkg update. to my surprise i spotted: openindiana.org -> userland library/libssh2 1.10.0-2023.0.0.2 -> 1.11.0-2024.0.0.0 so is pkg.openindiana.org out of sync or something? On Thu, 16 May 2024 06:01:04 +0200, Goetz T. Fischer wrote: > unfortunately libssh2 turned out to be yet another ssl mediator victim. > however this one can > probably be solved because it builds fine. the problem only occurs during > publish: > > /userland/oi-userland/components/library/libssh2/build/manifest-i386-libssh2.depend > has > unresolved > dependency ' > depend type=require fmri=__TBD pkg.debug.depend.file=libcrypto.so.1.0.0 \ > pkg.debug.depend.reason=usr/lib/libssh2.so.1.0.1 \ > pkg.debug.depend.type=elf \ > pkg.debug.depend.path=lib \ > pkg.debug.depend.path=usr/gcc/13/lib \ > pkg.debug.depend.path=usr/lib \ > pkg.debug.depend.path=usr/openssl/3.1/lib'. > gmake: *** [/userland/oi-userland/make-rules/ips.mk:521: > /userland/oi-userland/components/library/libssh2/build/.resolved-i386] Error 1 > > my updated Makefile has: > CPPFLAGS += -I$(OPENSSL_INCDIR) > LDFLAGS += -L$(OPENSSL_LIBDIR) > CONFIGURE_OPTIONS += --with-libssl-prefix=/usr/openssl/3.1 > > and as mentioned builds and installs fine. unfortunately libssh2.so doesn't > attract any ssl libs > directly so ldd is no help. > anyhow with the openssl mediator set to 3.1 everything is fine. > > On Tue, 14 May 2024 11:49:03 +0200, Till Wegmüller wrote: >> Hi, Goetz >> >> I am not aware of any compatibility issues if there are it would be a >> good idea to remove them. Best way to find out is to start and push it >> through the finishline. >> >> -Till >> >> On 14.05.24 03:52, Goetz T. Fischer wrote: >>> hi guys, >>> >>> just a quickie, i've been going through the list of packages with security >>> implications and >>> noticed >>> that libssh2 is at 1.10.0. however 1.11.0 has been released almost one year >>> ago so i wondered, >>> is >>> that on purpose because of some compatibility issues or something like that? >>> if not i would get to that next. >>> >>> -- >>> R-A-C >>> Götz T. Fischer CertIT&Comp >>> +49(0)7225/98 98 79 >>> [email protected] >>> r-a-c.de >>> >>> _______________________________________________ >>> oi-dev mailing list >>> [email protected] >>> https://openindiana.org/mailman/listinfo/oi-dev >> >> _______________________________________________ >> oi-dev mailing list >> [email protected] >> https://openindiana.org/mailman/listinfo/oi-dev _______________________________________________ oi-dev mailing list [email protected] https://openindiana.org/mailman/listinfo/oi-dev
