From owner-freebsd-ports@freebsd.org Sun Jul 3 17:38:44 2016 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 28422B90509 for ; Sun, 3 Jul 2016 17:38:44 +0000 (UTC) (envelope-from carmel_ny@outlook.com) Received: from BAY004-OMC2S24.hotmail.com (bay004-omc2s24.hotmail.com [65.54.190.99]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "*.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 00658233B for ; Sun, 3 Jul 2016 17:38:43 +0000 (UTC) (envelope-from carmel_ny@outlook.com) Received: from NAM03-DM3-obe.outbound.protection.outlook.com ([65.54.190.125]) by BAY004-OMC2S24.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008); Sun, 3 Jul 2016 10:37:39 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=EgjUrJ+ittqMaLbklgX/B2Yr2y3eLDHOxndbso7+7yg=; b=OhqmTPZVjX4j/dilli2UbT1sLu+4y9EDgBOAsMgSG5R6J8g1o0cEi29DmFepN7rdTUWLD9cum9yalmeO6IZ09A+Y6euJAuKmM7cL0kALwrKYhkcvq7+Jof+RJ4xPo0dzee7aF42JXoFyKJse/MXfXPlnoL+7RZHZCFLQ8Vb2ijkdtJn5rFaoyZpuJyrxSRK+vt+3zFlOi4xHk2p5ahOKP/d0/J4QG7j7GMiRTJfSoQddQH5sXkMq6pP2cfU4vdaqdjbjAYwOAZdr9cYyNJIzxwEzggHEa1PQdHS1JvmqHOgs5uBg5lL1w6puxvS/JAFDakEN8cklNfqIluRpb44Nlw== Received: from CO1NAM03FT061.eop-NAM03.prod.protection.outlook.com (10.152.80.51) by CO1NAM03HT215.eop-NAM03.prod.protection.outlook.com (10.152.81.74) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.534.7; Sun, 3 Jul 2016 17:37:37 +0000 Received: from SN2PR20MB0845.namprd20.prod.outlook.com (10.152.80.57) by CO1NAM03FT061.mail.protection.outlook.com (10.152.81.47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.534.7 via Frontend Transport; Sun, 3 Jul 2016 17:37:37 +0000 Received: from SN2PR20MB0845.namprd20.prod.outlook.com ([10.169.198.13]) by SN2PR20MB0845.namprd20.prod.outlook.com ([10.169.198.13]) with mapi id 15.01.0534.015; Sun, 3 Jul 2016 17:37:37 +0000 From: Gerard Seibert To: FreeBSD Ports Subject: Re: what to do when base openssl isn't suitable Thread-Topic: what to do when base openssl isn't suitable Thread-Index: AQHR1VGWNRMJjBhjj066Gy2crCmIZA== Date: Sun, 3 Jul 2016 17:37:37 +0000 Message-ID: References: <201607011859.u61IxIBt093652@gw.catspoiler.org> <1209A7B63922B79C612C8A68@atuin.in.mat.cc> In-Reply-To: <1209A7B63922B79C612C8A68@atuin.in.mat.cc> Reply-To: FreeBSD Ports Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=softfail (sender IP is 10.152.80.57) smtp.mailfrom=outlook.com; freebsd.org; dkim=none (message not signed) header.d=none;freebsd.org; dmarc=fail action=none header.from=outlook.com; received-spf: SoftFail (protection.outlook.com: domain of transitioning outlook.com discourages use of 10.152.80.57 as permitted sender) x-ms-exchange-messagesentrepresentingtype: 1 x-eopattributedmessage: 0 x-forefront-antispam-report: CIP:10.152.80.57; IPV:NLI; CTRY:; EFV:NLI; SFV:NSPM; SFS:(10019020)(98900003); DIR:OUT; SFP:1102; SCL:1; SRVR:CO1NAM03HT215; H:SN2PR20MB0845.namprd20.prod.outlook.com; FPR:; SPF:None; LANG:en; x-ms-office365-filtering-correlation-id: 9eebe31c-8d72-48b5-dab8-08d3a368b8d8 x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(1601124038)(5061506196)(5061507196)(1603103041)(1601125047); SRVR:CO1NAM03HT215; x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(432015012)(82015046); SRVR:CO1NAM03HT215; BCL:0; PCL:0; RULEID:; SRVR:CO1NAM03HT215; x-forefront-prvs: 09928BEC91 Content-Type: text/plain; charset="us-ascii" Content-ID: Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Jul 2016 17:37:37.2896 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Internet X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1NAM03HT215 X-OriginalArrivalTime: 03 Jul 2016 17:37:39.0048 (UTC) FILETIME=[980C8680:01D1D551] X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Jul 2016 17:38:44 -0000 On Sun, 3 Jul 2016 18:27:45 +0200, Mathieu Arnold stated: >+--On 1 juillet 2016 11:59:18 -0700 Don Lewis >wrote: | I've got a port that does not work with base openssl because >it looks | for libssl.pc. Other than that, I don't think it is picky >about what | flavor of ports ssl is installed. Because the default >version of ssl | still defaults to base, I don't see a way to get this >port to build on | the cluster, so there is no way to provide binary >packages. That's a | problem for end users because this port has >bunch of huge build | dependencies. Thoughts? > >Right now, you put int he port's Makefile (it always was wrong to do >so, but so many are doing it...): > >USE_OPENSSL=3Dyes >WITH_OPENSSL_PORT=3Dyes > >This summer, I'll change the default OpenSSL from base to >security/openssl, and at that point, I will remove all the >WITH_OPENSSL_PORT for a check with SSL_DEFAULT (that will get the port >ignored if it the wrong SSL is used.) It needs some work WRT GSSAPI to >make sure a sane default is choosen if building with ports openssl. > >And then, in the near future, I'll remove support for base openssl and >gssapi in the ports tree, so that everything is always built with >ports. Sounds like a sane plan to me. I have always hated the duplication of applications in ports and base. In almost all cases, the "base" application is older than the port version. Updating it is more work, and inevitable a conflict arises. --=20 Jerry