Results 1 to 8 of 8

Thread: FreeBSD 12.0-RC2

  1. #1
    Join Date
    May 2005
    Location
    Ukraine, Kiev
    Posts
    122

    Question FreeBSD 12.0-RC2

    Hi everybody!

    Is there any news about DirectAdmin on FreeBSD 12.RC-2 and OpenSSL 1.1.1-beta?

    I've upgraded one of my test bsd box from 11.2-RELEASE to 12.0-RC2 and directadmin was unable to start because directadmin binary compiled with openssl1.0

    Then, I install /usr/ports/security/openssl and DirectAdmin starts & works fine, but that's not an option, 12.0-RC2 base all built over openssl 1.1 without SSLv2|v3 support
    and with TLSv1.3 support.

    So, I built all my sources/ports (php nginx apache exim dovecot) over base openssl, not one from ports, so all of it completely support TLSv1.3, the one exclusion is DirectAdmin itself.
    Also, linking /usr/local/lib/libssl.so.8 to /usr/lib/libssl.so.111 and /usr/local/lib/libcrypto.so.8 to /lib/libcrypto.so.111 won't help -- directadmin unable to start with error

    Undefined symbol "SSL_load_error_strings"

    Of course i'ts undefined, no method "SSL_load_error_strings" in /usr/lib/libssl.so.111

    TLSv1.3 is not a future, it's here already, so I hope to see DirectAdmin OpenSSL/1.1 powered soon

    Discussions welcome!

  2. #2
    Hi Roman,

    As a general policy, we don't start development until the full version is released.
    In some cases the binaries will work, where workarounds could be used, but if not, then it's a waiting game for the full version to come out.
    We're also excited for all of the new goodies TLS 1.3 provides and will start development on FreeBSD 12 once it's released.
    Reading the rumblings of the internets, it seems like it could possibly be released mid December, so not too far off.. so if that happens, then possibly a beta version of DA for it maybe early to mid January, assuming all goes well (very rough, not in stone)

    John

  3. #3
    Join Date
    May 2005
    Location
    Ukraine, Kiev
    Posts
    122
    Hi John,

    Good news, it's really nice to hear from you! Can I take part as betatester when DA-beta for FreeBSD 12 with TLS 1.3 released?

  4. #4
    Absolutely. It will be in the pre-release area once ready. I'll add a BETA forum for FreeBSD 12 once we have something, so keep an eye out

    John

  5. #5
    Join Date
    May 2005
    Location
    Ukraine, Kiev
    Posts
    122
    Shure!

    Thanks, John!

  6. #6
    Join Date
    May 2005
    Location
    Ukraine, Kiev
    Posts
    122
    I was able to start DirectAdmin on FreeBSD 12.0-RC2 without installing ports/security/openssl with following tricks:

    Code:
    # file /usr/local/directadmin/directadmin
    directadmin: ELF 64-bit LSB executable, x86-64, version 1 (FreeBSD), dynamically linked, interpreter /usr/libexec/ld-elf.so.1, for FreeBSD 11.1, FreeBSD-style, with debug_info, not stripped
    Code:
    # ldd /usr/local/directadmin/directadmin
    /usr/local/directadmin/directadmin:
    libssl.so.8 => not found (0)
    libcrypt.so.5 => /lib/libcrypt.so.5 (0x800c28000)
    libcrypto.so.8 => not found (0)
    libz.so.6 => /lib/libz.so.6 (0x800c4a000)
    libthr.so.3 => /lib/libthr.so.3 (0x800c64000)
    librt.so.1 => /usr/lib/librt.so.1 (0x800c8f000)
    libc++.so.1 => /usr/lib/libc++.so.1 (0x800c97000)
    libcxxrt.so.1 => /lib/libcxxrt.so.1 (0x800d66000)
    libm.so.5 => /lib/libm.so.5 (0x800d87000)
    libc.so.7 => /lib/libc.so.7 (0x800db9000)
    libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x8011ac000)
    So let's give it to them!

    Code:
    # cd /usr/local/directadmin/ && mkdir lib && cd lib
    # pkg fetch -yo . openssl && tar -xf All/openssl*
    # mv All/usr/local/lib/* . && rm -rf All
    then add to /etc/libmap.conf (create it if not exist)

    Code:
    ## Ensure all binaries located in /usr/local/directadmin/ use 
    ## same libs from /usr/local/directadmin/lib
    
    [/usr/local/directadmin/]
    
    libssl.so.8 /usr/local/directadmin/lib/libssl.so.9
    libcrypto.so.8 /usr/local/directadmin/lib/libcrypto.so.9
    Then

    Code:
    #service directadmin restart
    Now DirectAdmin is back and serving TLS 1.2 via old openssl 1.0 libs.

    Just a true unix magick

    PS: I do not use custombuild, all my systems are crafted/customized manually -- most part of software built from ports and all php releases built from source with freebsd patches includion my own optimizations and CPU-optimized flags.
    Last edited by roman_m; 12-04-2018 at 07:56 AM.

  7. #7
    Join Date
    May 2008
    Posts
    757
    FreeBSD 12 was released today.

  8. #8
    Join Date
    May 2005
    Location
    Ukraine, Kiev
    Posts
    122
    Quote Originally Posted by wattie View Post
    FreeBSD 12 was released today.
    YES!

    Can't wait to install & test it.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •