Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 13 Jul 2015 20:14:14 +0100
From:      Matt Smith <fbsd@xtaz.co.uk>
To:        Kevin Oberman <rkoberman@gmail.com>
Cc:        FreeBSD-STABLE Mailing List <freebsd-stable@freebsd.org>
Subject:   Re: WITHOUT_OPENSSL and make delete-old
Message-ID:  <20150713191414.GC1284@xtaz.uk>
In-Reply-To: <CAN6yY1u4M7AD%2Bw%2BkdPu4JYQh45R6zdHm7Z3Vp0QSsNtN9scBkg@mail.gmail.com>
References:  <20150713140352.GB1284@xtaz.uk> <CAN6yY1u4M7AD%2Bw%2BkdPu4JYQh45R6zdHm7Z3Vp0QSsNtN9scBkg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Jul 13 11:29, Kevin Oberman wrote:
>On Mon, Jul 13, 2015 at 7:03 AM, Matt Smith <fbsd@xtaz.co.uk> wrote:
>
>> Hi, I use the ports version of OpenSSL for everything and don't require
>> the base version. As a result I thought I would remove it by adding
>> WITHOUT_OPENSSL into /etc/src.conf and running make delete-old in /usr/src.
>> However this seems to only want to delete things related to kerberos and
>> gssapi, which is understandable as they depend on OpenSSL.  However it
>> doesn't seem to touch any OpenSSL files at all. Is this a bug or have I
>> missed something?
>
>Yes. Several critical base system components require the base OpenSL. So, I
>seem to recall that while WITHOUT_OPENSSL will skip the optional SSL stuff,
>I am pretty sure that some of the OpenSSL always are built and are
>considered too critical to rely on a port being installed... like logging
>in, adding users, etc.

See now I assumed that the only things in the base that used it were 
Kerberos, GSSAPI, and OpenSSH. If you read the man page for src.conf it 
says that setting WITHOUT_OPENSSL also sets WITHOUT_KERBEROS, 
WITHOUT_GSSAPI, and WITHOUT_OPENSSH. This makes me think these are the 
only things in the base that do actually use OpenSSL?

Maybe there is actually a lot more that does then. Unfortunately being 
the base means I can't just use pkg to look at what's registered against 
the shared libs.

-- 
Matt

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150713191414.GC1284>