Bug 1952930
Summary: | certmonger: Port to OpenSSL 3.0 | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 9 | Reporter: | Sahana Prasad <sahana> |
Component: | certmonger | Assignee: | Rob Crittenden <rcritten> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | ipa-qe <ipa-qe> |
Severity: | unspecified | Docs Contact: | |
Priority: | high | ||
Version: | CentOS Stream | CC: | bstinson, cheimes, fweimer, jwboyer, ksiddiqu, mpolovka, pvoborni, rcritten |
Target Milestone: | beta | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | certmonger-0.79.13-6.el9 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-12-07 21:24:13 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1955873, 1961687 | ||
Bug Blocks: | 1958021 |
Description
Sahana Prasad
2021-04-23 15:28:41 UTC
There is no sidetag yet, kindly use this build https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=1571383 I will notify you where there is a sidetag. Will start in Fedora with https://copr.fedorainfracloud.org/coprs/saprasad/openssl-3.0/ I believe this failure is caused by libraries that have not been ported yet, including openldap and krb5. Still waiting for dependent libraries to be rebuilt and added to the side tag: https://kojihub.stream.rdu2.redhat.com/kojifiles/work/tasks/6342/266342/build.log The build failure looks like a toolchain problem, unrelated to OpenSSL 3.0: /usr/bin/ld: /usr/bin/ld: DWARF error: invalid abstract instance DIE ref /tmp/cckkh08J.ltrans0.ltrans.o: in function `main': <artificial>:(.text.startup[.text.startup.group]+0x2ee): undefined reference to `OPENSSL_init_ssl' I filed binutils bug 1960658 for this. I expect the fact that it appears after your changes is just an accident. Adding %define _lto_cflags %{nil} to the spec eliminated the DWARF warnings libcurl, openldap and openssh were built and added to the side tag, thanks. I attempted a rebuild this morning and it looks like only the krb5 dependency is missing: https://kojihub.stream.rdu2.redhat.com/koji/taskinfo?taskID=267355 I'm adding the krb5 BZ to make the dependency more visible. I made a hacky local build of krb5. It provides enough that certmonger can compile so I can at least start looking at the API changes needed (just a small component of certmonger requires Kerberos). Filed https://bugzilla.redhat.com/show_bug.cgi?id=1961687 . openssl spkac fails causing tests/003-csrgen to fail I have a candidate scratch build done. Patches merged. This will need to be re-visited in the future once the OpenSSL bug is addressed so I can re-enable the gencsr tests. Verified manually from build log[1] of certmonger-0.79.13-6.el9[2] Requires: libc.so.6()(64bit) libc.so.6(GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.15)(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.27)(64bit) libc.so.6(GLIBC_2.3)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.33)(64bit) libc.so.6(GLIBC_2.4)(64bit) libcom_err.so.2()(64bit) libcrypto.so.3()(64bit) libcrypto.so.3(OPENSSL_3.0.0)(64bit) libcurl.so.4()(64bit) libdbus-1.so.3()(64bit) libdbus-1.so.3(LIBDBUS_1_3)(64bit) libdl.so.2()(64bit) libidn2.so.0()(64bit) libidn2.so.0(IDN2_0.0.0)(64bit) libjansson.so.4()(64bit) libkrb5.so.3()(64bit) libkrb5.so.3(krb5_3_MIT)(64bit) libldap_r-2.4.so.2()(64bit) libnspr4.so()(64bit) libnss3.so()(64bit) libnss3.so(NSS_3.10)(64bit) libnss3.so(NSS_3.12)(64bit) libnss3.so(NSS_3.12.4)(64bit) libnss3.so(NSS_3.12.5)(64bit) libnss3.so(NSS_3.14)(64bit) libnss3.so(NSS_3.16.2)(64bit) libnss3.so(NSS_3.2)(64bit) libnss3.so(NSS_3.3)(64bit) libnss3.so(NSS_3.4)(64bit) libnss3.so(NSS_3.5)(64bit) libnss3.so(NSS_3.7)(64bit) libnss3.so(NSS_3.8)(64bit) libnss3.so(NSS_3.9)(64bit) libnss3.so(NSS_3.9.3)(64bit) libnssutil3.so()(64bit) libnssutil3.so(NSSUTIL_3.12)(64bit) libplc4.so()(64bit) libplds4.so()(64bit) libpopt.so.0()(64bit) libpopt.so.0(LIBPOPT_0)(64bit) libpthread.so.0()(64bit) libpthread.so.0(GLIBC_2.2.5)(64bit) libresolv.so.2()(64bit) libresolv.so.2(GLIBC_2.2.5)(64bit) libresolv.so.2(GLIBC_2.9)(64bit) libsmime3.so()(64bit) libsmime3.so(NSS_3.4)(64bit) libssl3.so()(64bit) libtalloc.so.2()(64bit) libtalloc.so.2(TALLOC_2.0.2)(64bit) libtevent.so.0()(64bit) libtevent.so.0(TEVENT_0.9.9)(64bit) libuuid.so.1()(64bit) libuuid.so.1(UUID_1.0)(64bit) libxml2.so.2()(64bit) libxml2.so.2(LIBXML2_2.4.30)(64bit) rtld(GNU_HASH) Processing files: certmonger-debugsource-0.79.13-6.el9.x86_64 [1] http://download.eng.bos.redhat.com/brewroot/vol/rhel-9/packages/certmonger/0.79.13/6.el9/data/logs/x86_64/build.log [2] https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=1635509 |