NetBSD Problem Report #41628
From jukka+moray@salmi.ch Tue Jun 23 09:53:26 2009
Return-Path: <jukka+moray@salmi.ch>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by www.NetBSD.org (Postfix) with ESMTP id 6A7D963B883
for <gnats-bugs@gnats.NetBSD.org>; Tue, 23 Jun 2009 09:53:26 +0000 (UTC)
Message-Id: <20090623095322.7E4BC52EE@moray.salmi.ch>
Date: Tue, 23 Jun 2009 11:53:22 +0200 (CEST)
From: Jukka Salmi <j+nbsd@salmi.ch>
Reply-To: Jukka Salmi <j+nbsd@salmi.ch>
To: gnats-bugs@gnats.NetBSD.org
Subject: OpenSSL's c_rehash can't find openssl binary (patch supplied)
X-Send-Pr-Version: 3.95
>Number: 41628
>Category: misc
>Synopsis: OpenSSL's c_rehash can't find openssl binary (patch supplied)
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: misc-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Jun 23 09:55:00 +0000 2009
>Closed-Date: Mon Jun 29 18:30:07 +0000 2009
>Last-Modified: Mon Jun 29 18:30:07 +0000 2009
>Originator: Jukka Salmi
>Release: NetBSD HEAD and all releases
>Organization:
>Environment:
n/a
>Description:
Due to a bug in OpenSSL's c_rehash tool it can't be used on a NetBSD
system to populate /etc/openssl/certs with symlinks to the hash values
of certificates.
This problem has been [1]reported to the OpenSSL project as ticket #1901
and is fixed on the OpenSSL_1_0_0-stable branch.
[1] http://rt.openssl.org/Ticket/Display.html?id=1901
>How-To-Repeat:
Add some certificates to /etc/openssl/certs and run
$ c_rehash /etc/openssl/certs
Doing /etc/openssl/certs
sh: /root/openssl: not found
[...]
>Fix:
The following patch fixes the problem. It's also available from
http://salmi.ch/~jukka/patches/nbsd/HEAD/crypto/dist/openssl/tools/c_rehash.patch
Index: crypto/dist/openssl/tools/c_rehash
===================================================================
RCS file: /cvsroot/src/crypto/dist/openssl/tools/c_rehash,v
retrieving revision 1.1.1.13
diff -u -p -r1.1.1.13 c_rehash
--- crypto/dist/openssl/tools/c_rehash 9 May 2008 21:34:47 -0000 1.1.1.13
+++ crypto/dist/openssl/tools/c_rehash 23 Jun 2009 09:27:07 -0000
@@ -31,6 +31,7 @@ if(! -x $openssl) {
foreach (split /$path_delim/, $ENV{PATH}) {
if(-x "$_/$openssl") {
$found = 1;
+ $openssl = "$_/$openssl";
last;
}
}
Index: crypto/dist/openssl/tools/c_rehash.in
===================================================================
RCS file: /cvsroot/src/crypto/dist/openssl/tools/c_rehash.in,v
retrieving revision 1.1.1.4
diff -u -p -r1.1.1.4 c_rehash.in
--- crypto/dist/openssl/tools/c_rehash.in 9 May 2008 21:34:47 -0000 1.1.1.4
+++ crypto/dist/openssl/tools/c_rehash.in 23 Jun 2009 09:27:07 -0000
@@ -31,6 +31,7 @@ if(! -x $openssl) {
foreach (split /$path_delim/, $ENV{PATH}) {
if(-x "$_/$openssl") {
$found = 1;
+ $openssl = "$_/$openssl";
last;
}
}
>Release-Note:
>Audit-Trail:
From: Christos Zoulas <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/41628 CVS commit: src/crypto/dist/openssl/tools
Date: Tue, 23 Jun 2009 10:08:03 -0400
Module Name: src
Committed By: christos
Date: Tue Jun 23 14:08:03 UTC 2009
Modified Files:
src/crypto/dist/openssl/tools: c_rehash c_rehash.in
Log Message:
PR/41628: Jukka Salmi: OpenSSL's c_rehash can't find openssl binary
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.13 -r1.2 src/crypto/dist/openssl/tools/c_rehash
cvs rdiff -u -r1.1.1.4 -r1.2 src/crypto/dist/openssl/tools/c_rehash.in
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: misc/41628: OpenSSL's c_rehash can't find openssl binary
(patch supplied)
Date: Sat, 27 Jun 2009 17:12:26 +0000
On Tue, Jun 23, 2009 at 09:55:01AM +0000, Jukka Salmi wrote:
> Due to a bug in OpenSSL's c_rehash tool it can't be used on a NetBSD
> system to populate /etc/openssl/certs with symlinks to the hash values
> of certificates.
Given that this is a Perl script and we don't (AFAICT) install it, is
there any real point patching the openssl in base?
(The patch should probably be added to the pkgsrc version though,
which does install c_rehash.)
--
David A. Holland
dholland@netbsd.org
From: Jukka Salmi <j+nbsd@2009.salmi.ch>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: misc/41628: OpenSSL's c_rehash can't find openssl binary
(patch supplied)
Date: Sun, 28 Jun 2009 13:20:38 +0200
David Holland wrote:
> The following reply was made to PR misc/41628; it has been noted by GNATS.
>
> From: David Holland <dholland-bugs@netbsd.org>
> To: gnats-bugs@NetBSD.org
> Cc:
> Subject: Re: misc/41628: OpenSSL's c_rehash can't find openssl binary
> (patch supplied)
> Date: Sat, 27 Jun 2009 17:12:26 +0000
>
> On Tue, Jun 23, 2009 at 09:55:01AM +0000, Jukka Salmi wrote:
> > Due to a bug in OpenSSL's c_rehash tool it can't be used on a NetBSD
> > system to populate /etc/openssl/certs with symlinks to the hash values
> > of certificates.
>
> Given that this is a Perl script and we don't (AFAICT) install it, is
> there any real point patching the openssl in base?
At least it doesn't hurt; since the change in question has been
committed to OpenSSL HEAD it won't cause any maintenance overhead for
NetBSD developers in the future.
> (The patch should probably be added to the pkgsrc version though,
> which does install c_rehash.)
Indeed. I'll send a PR.
Regards, Jukka
--
This email fills a much-needed gap in your mailbox.
From: Bernd Ernesti <netbsd@lists.veego.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: misc/41628: OpenSSL's c_rehash can't find openssl binary (patch supplied)
Date: Sun, 28 Jun 2009 13:37:26 +0200
On Sun, Jun 28, 2009 at 11:25:02AM +0000, Jukka Salmi wrote:
[..]
> > Given that this is a Perl script and we don't (AFAICT) install it, is
> > there any real point patching the openssl in base?
>
> At least it doesn't hurt; since the change in question has been
> committed to OpenSSL HEAD it won't cause any maintenance overhead for
> NetBSD developers in the future.
I see no point in commiting something which will not be installed and
can cause merge errors while importing a new version.
Bernd
From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: misc-bug-people@netbsd.org, gnats-admin@netbsd.org,
netbsd-bugs@netbsd.org, Jukka Salmi <j+nbsd@salmi.ch>
Subject: Re: misc/41628: OpenSSL's c_rehash can't find openssl binary
(patch supplied)
Date: Sun, 28 Jun 2009 21:30:35 +0000
On Sun, Jun 28, 2009 at 11:25:02AM +0000, Jukka Salmi wrote:
> > Given that this is a Perl script and we don't (AFAICT) install it, is
> > there any real point patching the openssl in base?
>
> At least it doesn't hurt; since the change in question has been
> committed to OpenSSL HEAD it won't cause any maintenance overhead for
> NetBSD developers in the future.
It doesn't hurt, and it's been done in head, but I don't really think
it's worth processing pullups to the stable branches.
> > (The patch should probably be added to the pkgsrc version though,
> > which does install c_rehash.)
>
> Indeed. I'll send a PR.
Thanks.
> This email fills a much-needed gap in your mailbox.
:-)
--
David A. Holland
dholland@netbsd.org
From: Jukka Salmi <j+nbsd@2009.salmi.ch>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: misc/41628: OpenSSL's c_rehash can't find openssl binary
(patch supplied)
Date: Mon, 29 Jun 2009 16:38:30 +0200
David Holland wrote:
> It doesn't hurt, and it's been done in head, but I don't really think
> it's worth processing pullups to the stable branches.
Sure. Could anybody please close this PR?
Regards, Jukka
--
This email fills a much-needed gap in your mailbox.
State-Changed-From-To: open->closed
State-Changed-By: snj@NetBSD.org
State-Changed-When: Mon, 29 Jun 2009 18:30:07 +0000
State-Changed-Why:
Fixed on HEAD. Thanks!
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
Home