# ucspi-ssl-0.99b



## Bucky (May 22, 2022)

Today I upgraded my system and qmail jail to FreeBSD v13.1. Obeyed the command to upgrade 3rd party apps and pkg DELETED my ucspi-ssl install. It happens to be critical to my qmail functioning and now I'm stuck - can't seem to find a v13.1 (or even 13.0) compatible version of ucspi-ssl. I've email the maintainer to ask for a package upgrade.

Tried building from source and it errors out with things I don't understand.

Any thoughts? Alternative option that will do the same thing? Is downgrading to v12.3 my only option?

B


----------



## Bucky (May 22, 2022)

Temporary fix - thank goodness for snapshots.

Still wondering if anyone has an alternative to ucspi-ssl?


----------



## SirDice (May 23, 2022)

Bucky said:


> I've email the maintainer to ask for a package upgrade.


sysutils/ucspi-ssl doesn't have a maintainer.



Bucky said:


> Tried building from source and it errors out with things I don't understand.


That's why the port is marked broken on 13 and 14:

```
BROKEN_FreeBSD_13=	ld: error: duplicate symbol: strnum
BROKEN_FreeBSD_14=	ld: error: duplicate symbol: strnum
```


----------



## Bucky (May 23, 2022)

As always, thank you Sir Dice. I successfully built the sslserver using the instructions found here: https://github.com/meixler/installing-configuring-and-running-ucspi-ssl-sslserver

So I can go that route (already need to do that for the spamdyke program which is also without a maintainer.)

The interesting problem I've created for myself now is that I have a jail updated to the v13.1 of FreeBSD but the contents running inside are from the previous 12.3 incantation of the jail. I think I'll build a new v13.1 jail and do the right thing with the above knowledge.

Thank you and if I can' mark this as solved, would you please?


----------



## SirDice (May 23, 2022)

Bucky said:


> the instructions found here


That link shows a 0.12.3 version of ucspi-ssl. The port is still on 0.99b which is fairly old. I assume this build issue is solved on the newer version of the code.

Because this is an unmaintained port there's nobody responsible for updating it.


----------



## Bucky (May 23, 2022)

Best I can tell there has always been a disconnect between the FreeBSD ports version of ucspi-ssl and the version from the author(s).

There was another thread here that touched on the discrepancy and the OP said he was ultimately successful in getting the non-port version compiled, mentioning in the offhand that he changed some directory pointers. You asked him to elaborate for the benefit of others but he disappeared. I'm hoping that my link answers that question and solves my issue as well.

Thanks again!


----------



## SirDice (May 23, 2022)

Bucky said:


> Best I can tell there has always been a disconnect between the FreeBSD ports version of ucspi-ssl and the version from the author(s).


It's an unmaintained port. So nobody is responsible for it. It's only updated if some kind soul submits the patches for it.


----------



## Bucky (May 23, 2022)

Unfortunately I have neither the skill nor the knowledge about how to take over as the maintainer. I'm just a hobbyist (no CS background).


----------



## SirDice (May 23, 2022)

Don't have a CS degree either. Doesn't stop me from maintaining a port though 

But you don't have to maintain a port to submit patches or updates. Anyone can do that. All you need is a registered account at https://bugs.freebsd.org


----------



## Bucky (May 23, 2022)

Let me ponder it. Several years back  you asked me if I could take over as the spamdyke port maintainer and it looked too daunting, largely because I don't understand how ports are maintained or how their version numbers are changed and why, etc.

In the meantime I'll see if I can build a new MTA jail using v13.1 of FreeBSD and get spamdyke and ucspi-ssl compiled as the non-port programs I need to work with qmail.

And you've undoubtedly forgotten more about CS than any CS program teaches.


----------



## SirDice (May 23, 2022)

Tried to modify the port so it builds 0.12.3 but the new version seems to depend on fehQlibs. There's no port for that as far as I can tell. So that would need to be added first.

That said, the new version does appear to support OpenSSL 3.0 and LibreSSL 3.3.x, so it's definitely more future proof than the old 0.99b version.


----------



## Bucky (May 23, 2022)

Yes, fehQlibs required. Easily compiled and linked-to for the ucspi-ssl compile. Are there licensing issues to consider?

Help me with the version numbering schema. The port version is 0.99b. The authors' version is 0.12.3. Isn't 0.99b > 0.12.3? That is one place where my dissonance lies.


----------



## SirDice (May 23, 2022)

Bucky said:


> Isn't 0.99b > 0.12.3?


Yeah, it seems they changed the version scheme. Add `PORTEPOCH= 1`: https://docs.freebsd.org/en/books/porters-handbook/makefiles/#makefile-portepoch


----------



## Bucky (May 23, 2022)

Sigh...

Another handbook to read when I have time. Thanks.


----------

