From owner-freebsd-ports Sat Jan 29 19:18:12 2000 Delivered-To: freebsd-ports@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 5F14E14E4D; Sat, 29 Jan 2000 19:18:10 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 4C9791CD80C for ; Sat, 29 Jan 2000 19:18:10 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Sat, 29 Jan 2000 19:18:10 -0800 (PST) From: Kris Kennaway To: ports@freebsd.org Subject: USE_OPENSSL update (READ ME!) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I'm hearing precious little feedback about this, guys. I need to know if this works properly on your 3.x and 4.0 systems so I can get it into the tree in time for the ports freeze. This version fixes rsaref support for non-4.0 systems and has a different hack for the CFLAGS problem if we don't use a configure script. This has only been necessary so far for pipsecd and seems to fix the problem there. New patched ports (see http://www.freebsd.org/~kris/openssl): w3m-ssl pipsecd (updated) Kris Index: Mk/bsd.port.mk =================================================================== RCS file: /home/ncvs/ports/Mk/bsd.port.mk,v retrieving revision 1.326 diff -u -r1.326 bsd.port.mk --- Mk/bsd.port.mk 2000/01/21 11:08:06 1.326 +++ Mk/bsd.port.mk 2000/01/30 01:45:15 @@ -571,6 +571,47 @@ PREFIX?= ${LOCALBASE} .endif +.if defined(USE_OPENSSL) +.if ${OSVERSION} >= 400014 && exists(/usr/lib/libcrypto.a) +.if ${USE_OPENSSL} == RSA +_HASRSA= "`/usr/bin/nm /usr/lib/libcrypto.a | /usr/bin/grep RSA_free`" +.if empty(_HASRSA) +.BEGIN: + @${ECHO} "This port requires RSA crypto, which is not present in your" + @${ECHO} "version of OpenSSL. Please see Chapter XX in the FAQ for" + @${ECHO} "a description of the problem and alternative solutions." + @${FALSE} +.endif +.endif +OPENSSLBASE= /usr +OPENSSLDIR= /etc/ssl +# OpenSSL in the base system doesn't include IDEA for patent reasons. +OPENSSL_IDEA= no +# XXX Might not valways work - this is a hack +.if defined(HAS_CONFIGURE) +CFLAGS+= -DNO_IDEA +.else +OPENSSL_CFLAGS+=-DNO_IDEA +MAKE_ARGS+= OPENSSL_CFLAGS="${OPENSSL_CFLAGS}" +.endif +.else +LIB_DEPENDS+= crypto.1:${PORTSDIR}/security/openssl +OPENSSLBASE?= ${LOCALBASE} +OPENSSLDIR?= ${OPENSSLBASE}/openssl +.endif +.if ${USE_OPENSSL} == RSA && defined(USA_RESIDENT) && ${USA_RESIDENT} == YES +LIB_DEPENDS+= rsaref.2:${PORTSDIR}/security/rsaref +# We set this so ports can decide whether or not to link against librsaref +# and libRSAglue +OPENSSL_RSAREF= yes +.endif +OPENSSLLIB= ${OPENSSLBASE}/lib +OPENSSLINC= ${OPENSSLBASE}/include +MAKE_ENV+= OPENSSLLIB=${OPENSSLLIB} OPENSSLINC=${OPENSSLINC} \ + OPENSSLBASE=${OPENSSLBASE} OPENSSLDIR=${OPENSSLDIR} +RESTRICTED= "Contains cryptography." +.endif + .endif # End of pre-makefile section. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message