From owner-freebsd-ports Mon Mar 24 11:13:32 2003 Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DD92637B401 for ; Mon, 24 Mar 2003 11:13:24 -0800 (PST) Received: from mail.urchin.com (ns2.quantified.com [63.212.171.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3043B43F85 for ; Mon, 24 Mar 2003 11:13:24 -0800 (PST) (envelope-from dsilver@urchin.com) Received: from support.urchin.com (support.urchin.com [63.212.171.7]) by mail.urchin.com (8.12.1/8.12.1) with ESMTP id h2OJDcYT054399; Mon, 24 Mar 2003 11:13:16 -0800 (PST) (envelope-from dsilver@urchin.com) Received: from danzig.sd.quantified.net (web.urchin.com [63.212.171.5]) (authenticated bits=0) by support.urchin.com (8.12.8/8.12.6) with ESMTP id h2OJCGsL040787; Mon, 24 Mar 2003 11:12:17 -0800 (PST) (envelope-from dsilver@urchin.com) Content-Type: text/plain; charset="iso-8859-1" From: Doug Silver Organization: Urchin Software Corporation To: dirk.meyer@dinoex.sub.org (Dirk Meyer), freebsd-ports@FreeBSD.ORG Subject: Re: Clarification on ports openssl Date: Mon, 24 Mar 2003 11:13:39 -0800 User-Agent: KMail/1.4.3 References: <200303211533.58366.dsilver@urchin.com> In-Reply-To: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200303241113.17303.dsilver@urchin.com> X-Filter-Version: 1.7 (mail.urchin.com) X-Spam-Status: No, hits=-31.9 required=5.0 tests=EMAIL_ATTRIBUTION,IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES, REPLY_WITH_QUOTES,USER_AGENT_KMAIL autolearn=ham version=2.50 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp) Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thanks for the patch Dirk - Please correct me if I'm wrong on this, but won't the ports/Mk files get=20 updated during a 'make update', so I would need to patch this each time? = I'd=20 rather do that than worry about updating a Makefile for a particular buil= d. Thanks. -doug On Friday 21 March 2003 10:33 pm, Dirk Meyer wrote: > Doug Silver wrote:, > > > I have the latest openssl port installed and the following in make.co= nf > > but it seemed to get ignored during the build: > > > > [mod_php4]# egrep -i openssl /etc/make.conf > > USE_OPENSSL_PORT=3Dyes > > fine ... valid > > > OPENSSLBASE=3D /usr/local > > OPENSSLDIR=3D /usr/local/etc/ssl > > This settings are overritten bye the Makefiles. > > > So I forced the issue: > > However even that doesn't seem to work: > > [snip from end of "make" ] > > /usr/local/lib/libc-client4.so: warning: tmpnam() possibly used unsaf= ely; > > consider using mkstemp() > > /usr/libexec/elf/ld: warning: libcrypto.so.2, needed by > > /usr/local/lib/libc-client4.so, may conflict with libcrypto.so.3 > > yes, you need all libs to be build against the same version of openssl. > > > I realize the cclient is the problem, but beyond hacking the code to = link > > libcrypto to /usr/local I wanted to check here first. Am I missing > > something that should be set in /etc/make.conf or elsewhere? I see f= rom > > a January thread that Dirk wrote: > > Subject: Re: USE_OPENSSL and openssl from ports... > > right... > > > > USE_OPENSSL is defunct, see PR from June 2002: > > http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dports/39054 > > No comment has been made on this problem... > only CURRENT and STABLE users don't suffer from it. > > > But from that PR it seems like there should be a Mk/bsd.openssl.mk fi= le, > > or perhaps it was merged into the main bsd.port.mk? Even so, how sho= uld > > the openssl port be maintened so other ports link against it instead = of > > the base one? I hope the answer isn't to overwrite the base ;) > > unless bsd.port.mk can be changed, you have to modify the makefiles in = the > ports you use. > > you have to fix all ports. Remove the line: > USE_OPENSSL=3D yes > > and add later (after bsd.pre.mk): > .include "${PORTSDIR}/security/openssl/Makefile.ssl" > > See for examples the ports: > > /usr/ports/ftp/curl/Makefile > /usr/ports/mail/pantomime-ssl/Makefile > /usr/ports/mail/sendmail/Makefile > /usr/ports/mail/sendmail-old/Makefile > /usr/ports/net/bind9-dlz/Makefile > /usr/ports/news/suck/Makefile > /usr/ports/security/openssh/Makefile > /usr/ports/security/openssh-portable/Makefile > /usr/ports/security/openssl/Makefile.ssl > /usr/ports/www/apache13-modssl/Makefile > /usr/ports/www/apache13-ssl/Makefile > > The easy way is to apply thsi patch > > kind regards Dirk > > - Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany > - [dirk.meyer@dinoex.sub.org],[dirk.meyer@guug.de],[dinoex@FreeBSD.org] > > Index: bsd.port.mk > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > RCS file: /home/pcvs/ports/Mk/bsd.port.mk,v > retrieving revision 1.444 > diff -u -r1.444 bsd.port.mk > --- bsd.port.mk=0922 Mar 2003 04:45:24 -0000=091.444 > +++ bsd.port.mk=0922 Mar 2003 06:33:30 -0000 > @@ -927,45 +927,7 @@ > .endif # !defined(PERL_LEVEL) && defined(PERL_VERSION) > > .if defined(USE_OPENSSL) > -.if ${OSVERSION} >=3D 400014 > -.if !exists(/usr/lib/libcrypto.so) > -.BEGIN: > -=09@${ECHO_CMD} "This port requires the OpenSSL library, which is part= of" > -=09@${ECHO_CMD} "the FreeBSD crypto distribution but not installed on = your" > -=09@${ECHO_CMD} "machine. Please see the \"OpenSSL\" section in the > handbook" -=09@${ECHO_CMD} "(at > \"http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/openssl.htm= l\", > for instance)" -=09@${ECHO_CMD} "for instructions on how to obtain and > install the FreeBSD" -=09@${ECHO_CMD} "OpenSSL distribution." > -=09@${FALSE} > -.else > -OPENSSLBASE=3D=09/usr > -OPENSSLDIR=3D=09=09/etc/ssl > -# OpenSSL in the base system may not include IDEA for patent licensing > reasons. -.if defined(MAKE_IDEA) && !defined(OPENSSL_IDEA) > -OPENSSL_IDEA=3D=09${MAKE_IDEA} > -.else > -OPENSSL_IDEA?=3D=09NO > -.endif > -.if ${OPENSSL_IDEA} =3D=3D "NO" > -# XXX This is a hack to work around the fact that /etc/make.conf clobb= ers > -# our CFLAGS. It might not be enough for all future ports. > -.if defined(HAS_CONFIGURE) > -CFLAGS+=3D=09=09-DNO_IDEA > -.else > -OPENSSL_CFLAGS+=3D-DNO_IDEA > -.endif > -MAKE_ARGS+=3D=09=09OPENSSL_CFLAGS=3D"${OPENSSL_CFLAGS}" > -.endif > -.endif > -.else > -LIB_DEPENDS+=3D=09crypto.2:${PORTSDIR}/security/openssl > -OPENSSLBASE?=3D=09${LOCALBASE} > -OPENSSLDIR?=3D=09${OPENSSLBASE}/openssl > -.endif > -OPENSSLLIB=3D=09=09${OPENSSLBASE}/lib > -OPENSSLINC=3D=09=09${OPENSSLBASE}/include > -MAKE_ENV+=3D=09=09OPENSSLLIB=3D${OPENSSLLIB} OPENSSLINC=3D${OPENSSLINC= } \ > -=09=09=09=09OPENSSLBASE=3D${OPENSSLBASE} OPENSSLDIR=3D${OPENSSLDIR} > +.include "${PORTSDIR}/security/Makefile.ssl" > .endif > > .if defined(EMACS_PORT_NAME) > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message