Date: Wed, 6 Apr 2016 10:06:41 -0400 From: Jim Ohlstein <jim@ohlste.in> To: Kurt Jaeger <lists@opsec.eu>, =?UTF-8?Q?Martin_Waschb=c3=bcsch?= <martin@waschbuesch.de> Cc: ports@freebsd.org, Michelle Sullivan <michelle@sorbs.net> Subject: Re: Committer needed for PR 208029 Message-ID: <570517F1.5020305@ohlste.in> In-Reply-To: <20160406044431.GO35640@home.opsec.eu> References: <498CA3F8-15EF-45BD-880C-241F83CBE3DD@waschbuesch.de> <20160405185159.GK35640@home.opsec.eu> <20160405200835.GM35640@home.opsec.eu> <57042958.5010701@sorbs.net> <C96569DA-ADC5-4BE0-819A-7375C3F50D8E@waschbuesch.de> <20160406044431.GO35640@home.opsec.eu>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, On 4/6/16 12:44 AM, Kurt Jaeger wrote: > Hi! > >> Actually, I just noticed (when compiling the port), that the Makefile now says: >> >> WITH_OPENSSL_PORT=yes > > Yes, sorry, my fault. Fixed, and as suggested by mat: It is > now as IGNORE with a message explaining how to do it for 9.x. > This is much ado about nothing. The "WITH_OPENSSL_PORT" option is there for just this purpose and is used in many ports. There's no reason some binaries can't be linked to one version of OpenSSL and others to another, so long as they aren't expected to work as one (I'd imagine a dynamically loaded module that is linked to a different library might cause a problem). That is the reason that ports contains a more current version than base. This is from the ports/www directory: # grep WITH_OPENSSL_PORT */Makefile aws/Makefile:WITH_OPENSSL_PORT= yes drood/Makefile:WITH_OPENSSL_PORT= yes h2o/Makefile:WITH_OPENSSL_PORT= no h2o/Makefile:WITH_OPENSSL_PORT= yes mod_tsa/Makefile:WITH_OPENSSL_PORT= yes nginx-devel/Makefile:WITH_OPENSSL_PORT= yes nginx-devel/Makefile:WITH_OPENSSL_PORT= yes nginx/Makefile:WITH_OPENSSL_PORT= yes nginx/Makefile:WITH_OPENSSL_PORT= yes obhttpd/Makefile:WITH_OPENSSL_PORT=yes owncloud/Makefile:WITH_OPENSSL_PORT= yes spdylay/Makefile:.if ${OSVERSION} < 1000000 && !defined(WITH_OPENSSL_PORT) tengine/Makefile:WITH_OPENSSL_PORT= yes tomcat-native/Makefile:WITH_OPENSSL_PORT= yes I'm sure there are dozens of others. Forcing users who want to use this port to use OpenSSL from ports for ALL ports is overkill. Think about official packages. Are ALL packages built against OpenSSL from ports, or only those that need them? It's the latter, of course. Are they incompatible in production? No. -- Jim Ohlstein "Never argue with a fool, onlookers may not be able to tell the difference." - Mark Twain
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?570517F1.5020305>