Dear Dmitry, On Fri, 2023-02-10 at 09:55 +0100, Dmitry Belyavskiy wrote: > Dear Michel, > > In RHEL/CentOS we currently provide a double versioning for > OPENSSL_strcasecmp and OPENSSL_strncasecmp functions. > They were added in 3.0.1 downstream and 3.0.3 upstream. > > 0056-strcasecmp.patch in CentOS stream fixes the test in question. > Ah, interesting. I took a look at the history of that patch, and narrowed down the issue: - with f2a49ef424f831aac988356fc8b2b910e443dc42 from Nov 25, rebuilding in EPEL 8 fails: - https://gitlab.com/redhat/centos-stream/rpms/openssl/-/commit/f2a49ef424f831aac988356fc8b2b910e443dc42 https://koji.fedoraproject.org/koji/taskinfo?taskID=97348528 - with that patch backed out, building 3.0.7-2 succeeds: https://koji.fedoraproject.org/koji/taskinfo?taskID=97348707 Note that these are the exact openssl package from c9s, just rebuilt with the g++ dependency replaced by gcc-c++. I suppose the easiest resolution here is for me to build openssl3 (for EPEL 8) with that commit backed out, but I'm a bit puzzled as to why this happens. Any idea there? Thanks, Michel > On Thu, Feb 9, 2023 at 9:47 PM Michel Alexandre Salim > <salimma@xxxxxxxxxxxxxxxxx> wrote: > > > > Hi Dmitry, > > > > On Thu, 2023-02-09 at 18:02 +0100, Dmitry Belyavskiy wrote: > > > Dear colleagues, > > > > > > I've just pushed updates of OpenSSL to the 3.0.8 version to > > > f36/37. > > > I will also push to f38 and rawhide later today. > > > > > > This is a security release, it fixes 8 MODERATE CVEs > > > (https://www.openssl.org/news/secadv/20230207.txt) > > > > > > I kindly ask you to test the version so it could be rolled up > > > earlier. > > > > > Would you happen to have any insight into why some tests are > > failing > > when rebuilt on EPEL 8? > > > > This is with a scratch build of EPEL 8's openssl3 (which is just a > > rebuild of openssl but renamed and with some subpackages removed) > > https://koji.fedoraproject.org/koji/taskinfo?taskID=97314920 > > > > The errors are all identical, so to be doubly sure I rebuilt the > > centos > > 9 srpm (only on x86_64), just slightly modified to change the g++ > > BR to > > gcc-c++, and it failed identically > > https://koji.fedoraproject.org/koji/taskinfo?taskID=97318473 > > > > # The following symbols are missing in libcrypto.so.3: > > # OPENSSL_strcasecmp > > # OPENSSL_strncasecmp > > # The following symbols are extra in libcrypto.so.3: > > # BIO_dgram_is_sctp > > # BIO_dgram_sctp_msg_waiting > > # BIO_dgram_sctp_notification_cb > > # BIO_dgram_sctp_wait_for_dry > > # BIO_new_dgram_sctp > > # BIO_s_datagram_sctp > > not ok 2 - check that there are no missing symbols in > > libcrypto.so.3 > > # ----------------------------------------------------------------- > > ---- > > ---------03-test_internal_modes.t ........... ok > > 03-test_internal_namemap.t ......... ok > > 03-test_internal_curve448.t ........ ok > > 03-test_internal_poly1305.t ........ ok > > # Looks like you failed 1 test of 4.01-test_symbol_presence.t > > .......... > > Dubious, test returned 1 (wstat 256, 0x100) > > Failed 1/4 subtests > > 02-test_lhash.t ....... > > > > Thanks, > > > > -- > > Michel Alexandre Salim > > identities: > > https://keyoxide.org/5dce2e7e9c3b1cffd335c1d78b229d2f7ccc04f2 > > _______________________________________________ > > devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx > > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx > > Fedora Code of Conduct: > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > List Guidelines: > > https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > > https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx > > Do not reply to spam, report it: > > https://pagure.io/fedora-infrastructure/new_issue > > > > -- > Dmitry Belyavskiy > _______________________________________________ > devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue -- Michel Alexandre Salim identities: https://keyoxide.org/5dce2e7e9c3b1cffd335c1d78b229d2f7ccc04f2
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue