# Unable to compile openssl-1.0.1e on FreeBSD 9.1



## hbokh (Feb 15, 2013)

After upgrading from FreeBSD 8.1-RELEASE to FreeBSD 9.1-RELEASE (i386) through "freebsd-update", I am unable to (re-) compile a recent OpenSSL from ports. It looks like the shared libraries are compiled OK, but when in the apps-subdir the "openssl" binary is to be compiled, things end like this:


```
rm -f openssl
shlib_target=; if [ -n "libcrypto.so.8 libssl.so.8" ]; then  shlib_target="bsd-shared";  elif [ -n "" ]; then  FIPSLD_CC="cc"; CC=/usr/local/ssl/fips-2.0/bin/fipsld; export CC FIPSLD_CC;  fi;  LIBRARIES="-L.. -lssl  -L.. -lcrypto" ;  make -f ../Makefile.shared -e  APPNAME=openssl OBJECTS="openssl.o verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o  ca.o pkcs7.o crl2p7.o crl.o  rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o  x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o  s_time.o apps.o s_cb.o s_socket.o app_rand.o version.o sess_id.o  ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o  spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o"  LIBDEPS=" $LIBRARIES -L/usr/local/lib"  link_app.${shlib_target}
[B]../libcrypto.so: undefined reference to `_sem_timedwait'
../libcrypto.so: undefined reference to `_sem_getvalue'
../libcrypto.so: undefined reference to `_sem_destroy'
../libcrypto.so: undefined reference to `_sem_wait'
../libcrypto.so: undefined reference to `_sem_init'
../libcrypto.so: undefined reference to `_sem_post'
../libcrypto.so: undefined reference to `_sem_trywait'[/B]
*** [link_app.bsd] Error code 1

Stop in /usr/ports/security/openssl/work/openssl-1.0.1e/apps.
*** [openssl] Error code 1

Stop in /usr/ports/security/openssl/work/openssl-1.0.1e/apps.
*** [build_apps] Error code 1

Stop in /usr/ports/security/openssl/work/openssl-1.0.1e.
*** [do-build] Error code 1

Stop in /usr/ports/security/openssl.
```

Looks like a semaphore-thing to me, but I'm not much of a programmer to have a clue...

FYI *make config* was run with the default values.
Formerly installed port-package "openssl-1.0.1_4" was running OK.

Anyone else any clues?


----------



## youngunix (Feb 16, 2013)

Assuming all your ports are up-to-date and all the dependencies are met, try removing and reinstalling it:

```
cd /usr/ports/security/openssl/ && make deinstall clean && make config && make reinstall clean
```


----------



## wblock@ (Feb 16, 2013)

This looks like the same problem we had in another thread.  It may be something missing due to the binary upgrade.  Please show the contents of /etc/make.conf and /etc/src.conf.


----------



## hbokh (Feb 17, 2013)

Most important part of make.conf, hardly touched since FreeBSD 4.1. No src.conf (yet) on my system.


```
CPUTYPE?=               pentium2
CFLAGS=                 -Os -mmmx -pipe -fno-strict-aliasing
OPTIMIZED_CFLAGS=       YES
WITH_OPTIMIZED_CFLAGS=  YES
WITH_CPUFLAGS=          YES
#MAKEOPTS=      -j3

## CCache:
.if (!empty(.CURDIR:M/usr/src*) || !empty(.CURDIR:M/usr/obj*)) &&
!defined(NO_CCACHE)
CC=/usr/local/libexec/ccache/world/cc
CXX=/usr/local/libexec/ccache/world/c++
.endif

.if ${.CURDIR:M*/ports/devel/ccache}
NO_CCACHE= yes
.endif

# The unroll-loops and fast-math break libcrypto...
# [url]http://lists.freebsd.org/pipermail/freebsd-stable/2004-August/008493.html[/url]
#CFLAGS=        -Os -pipe -fno-strict-aliasing
#COPTFLAGS=     -O2 -pipe -funroll-loops -ffast-math
NO_PROFILE=     YES
BATCH=          YES
SUP_UPDATE=     YES
SUP=            /usr/local/bin/cvsup
SUPFLAGS=       -g -L 2 -P - -z
SUPHOST=        cvsup3.nl.freebsd.org
#SUPFILE=       /usr/share/examples/cvsup/stable-supfile
SUPFILE=        /etc/cvsupfile
#PORTSSUPFILE=  /usr/share/examples/cvsup/ports-supfile
# Fetching from nl sites preferred
MASTER_SORT_REGEX?=://[^/]*\.nl[/.]
COMPAT3X=       yes
NOUUCP=         true
NO_OPENSSH=     true
#OPENSSH_OVERWRITE_BASE=yes
#WITH_OPENSSL_STABLE=no
#OPENSSL_OVERWRITE_BASE=yes
WITH_OPENSSL_PORT=yes

...
Cut software info (Apache, NOBIND, WITHOU_X11, etc.
...

# added by use.perl 2013-02-10 12:59:05
PERL_VERSION=5.16.2
```


----------



## wblock@ (Feb 17, 2013)

There is some sort of base system library problem that seems to cause this problem.  It has not happened to me, and the exact details are not clear.  First, I would try a complete buildworld/kernel/installworld cycle along with delete-old and delete-old-libs.  It's possible that rebuilding just /usr/src/secure/lib/libcrypto would fix it, of course with the CFLAGS commented out and maybe with ccache disabled.

Unrelated comments:

A.  pentium2?  Really?
B.  Those CFLAGS are not helping, in fact, the opposite.  They are not speeding up the system and in fact prevent ports from using optimized flags.
C.  csup for ports is going away in two weeks.


----------



## hbokh (Feb 17, 2013)

Thanks for the reply, wblock@

FYI I rebuild libcrypto from /usr/src yesterday afternoon with no eh... positive effect. Negative effect: sshd stopped working after today's reboot. It's a headless system. Bummer...
Maybe I'll try again one day or tomorrow with buildworld. Takes half a day on this Pentium II.
For now I have powered off the ancient hardware and lost some faith in freebsd-upgrade(8).

Unrelated answers to unrelated comments:
A. In fact, it is indeed a "pentium2". A PII 400MHz, running FreeBSD since 1999 (started with FreeBSD 3.3-RELEASE).
B. Commenting CFLAGS in make.conf didn't help either. The "_sem_" errors kept comming back.
C. I know. They are there for _historical_ reasons.

Regarding your PM: sorry for that but the posting rules say "You may not edit your posts"...


----------



## wblock@ (Feb 17, 2013)

You'll be able to edit posts after making ten of them in ten days.  We will probably see more people with this problem, so I'd like to figure out how to solve it.  Could be it's specific to i386 systems, or maybe just freebsd-update(8).


----------



## wblock@ (Feb 17, 2013)

This thread fixed the problem by reinstalling all the old libraries: Thread 37735

To me, that is not a full fix, just a way of getting it temporarily working.


----------



## hbokh (Feb 18, 2013)

That did the trick! This part in particular, by using 

`# chflags -R noschg /usr/lib`
`# tar -xpf base.txz -C / './usr/lib/*'`

OpenSSL has been built succesfully and is now on openssl-1.0.1_8 / 1.0.1e 11 Feb 2013.

Now see if I can get the subject to include [Solved].


----------



## wblock@ (Feb 18, 2013)

The question is: what is wrong with the newer libraries, and how can that be fixed if it comes back?

(To mark the thread as solved: edit, Go Advanced, use the dropdown menu in front of the title.)


----------



## kpa (Feb 19, 2013)

If the problem does not happen on systems that were upgraded using the source based upgrade then there is problem with freebsd-update(8). And a high priority problem too.


----------

