Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 5 Nov 2019 14:47:10 +0100
From:      Mathieu Arnold <mat@FreeBSD.org>
To:        Baptiste Daroussin <bapt@FreeBSD.org>
Cc:        Eugene Grosbein <eugen@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   Re: svn commit: r515574 - head/security/cyrus-sasl2
Message-ID:  <20191105134710.3hfqxau5mqxpnfbo@ogg.in.absolight.net>
In-Reply-To: <20191105131059.bpgmjwj3ma5isi3i@ivaldir.net>
References:  <201910250321.x9P3LHo9092172@repo.freebsd.org> <20191105131059.bpgmjwj3ma5isi3i@ivaldir.net>

next in thread | previous in thread | raw e-mail | index | archive | help

--5yravfvoth7qerkq
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 05, 2019 at 02:12:22PM +0100, Baptiste Daroussin wrote:
> On Fri, Oct 25, 2019 at 03:21:17AM +0000, Eugene Grosbein wrote:
> > Author: eugen
> > Date: Fri Oct 25 03:21:16 2019
> > New Revision: 515574
> > URL: https://svnweb.freebsd.org/changeset/ports/515574
> >=20
> > Log:
> >   security/cyrus-sasl2: unbreak building with stock OpenSSL for stable/=
11
> >  =20
> >   Sendmail bundled with FreeBSD has SASL support and the Handbook tells
> >   how to rebuild the Sendmail with SASL enabled if you have installed
> >   cyrus-sasl2 that links with OpenSSL's libcrypto.
> >  =20
> >   Sendmail uses old OpenSSL 1.0.2 API, so cyrus-sasl2 should be built
> >   with stock libcrypto even if newer OpenSSL is installed for Ports.
> >  =20
> >   This change adds new option SSL to the port (enabled by default).
> >   If disabled, cyrus-sasl2 is built witch stock libcrypto not depending
> >   on ports version of OpenSSL.
> >  =20
> >   PORTREVISION not changed as default build is not affected.
> >=20
> > Modified:
> >   head/security/cyrus-sasl2/Makefile
> >   head/security/cyrus-sasl2/Makefile.common
> >=20
> > Modified: head/security/cyrus-sasl2/Makefile
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
> > --- head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:15:48 2019	(r51557=
3)
> > +++ head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:21:16 2019	(r51557=
4)
> > @@ -11,13 +11,14 @@ CYRUS_CONFIGURE_ARGS=3D	--with-saslauthd=3D${SASLAU=
THD_RUN
> > =20
> >  NO_OPTIONS_SORT=3D	yes
> >  OPTIONS_DEFINE=3D		ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \
> > -			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR
> > +			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR SSL
> >  OPTIONS_RADIO=3D		SASLDB
> >  OPTIONS_RADIO_SASLDB=3D	BDB1 BDB GDBM LMDB
> >  OPTIONS_GROUP=3D		PLUGIN
> >  OPTIONS_GROUP_PLUGIN=3D	ANONYMOUS CRAM DIGEST LOGIN NTLM OTP PLAIN SCR=
AM
> >  OPTIONS_DEFAULT=3D	ANONYMOUS AUTHDAEMOND BDB1 OBSOLETE_CRAM_ATTR CRAM \
> > -			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM
> > +			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM \
> > +			SSL
> >  OPTIONS_SUB=3D		yes
> >  ALWAYSTRUE_DESC=3D	Alwaystrue password verifier (discouraged)
> >  ALWAYSTRUE_CONFIGURE_ENABLE=3Dalwaystrue
> > @@ -61,6 +62,8 @@ PLAIN_DESC=3D		PLAIN authentication
> >  PLAIN_CONFIGURE_ENABLE=3D	plain
> >  SCRAM_DESC=3D		SCRAM authentication
> >  SCRAM_CONFIGURE_ENABLE=3D	scram
> > +SSL_DESC=3D		Uncheck this to use system openssl libraries
> > +SSL_USES=3D		ssl
> > =20
> I don't think this is the right approach.
>=20
> 1/ the option (double negative) is confusing.
> 2/ the default on for it makes it depends always on ports openssl, and mi=
xing
> port openssl and base openssl is always a mess for end users.

Mmmm, unless I am missing something, I think you are both wrong.
USES=3Dssl means "this port uses openssl", it does absolutely nothing
about using openssl from ports or from the base system, this is left to
the user by setting DEFAULT_VERSIONS+=3Dssl=3Dxxx in their make.conf.

--=20
Mathieu Arnold

--5yravfvoth7qerkq
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQKTBAABCgB9FiEEOraXidLtEhBkQLpbOkUW81GDzkgFAl3BfV1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNB
QjY5Nzg5RDJFRDEyMTA2NDQwQkE1QjNBNDUxNkYzNTE4M0NFNDgACgkQOkUW81GD
zkgiyxAAsq6T/np2DtsFhS/Z/f5PjtSVai1a3iun9wPp17t+QunUUy2TahQ8BudD
7z7yQVFqcWViujaL2x1tkO4gawVsVJ1iAv/zj/WSdLX4fHqIXeXulfMdvVXCMc7K
vcy0+T5ryz7p4C1S19cASbuEasAyhZHAghTn/sX7jtaNjhQB5URWY9q1as/hishR
FtECS9bOEn74flJILzDQ7nHSkQ33t3Q62lNyaxEWDFqTS7TRZgFOcQidLZK2rAj5
SByVrAoxEm3Jzsj4JLE231XN/wTv/DmnHdEVun6vCObdjsJUSyBU5HJv3Rdcha2d
clCBWUE0DYeARfg/hxzOESNflKxCl4PQoXunExk+HqiYv/vCmfQh7rErgCQZ7sv9
73B45c/MGfB/OVNqdBGblXPc3VdcDmX2vVaao1K8qllu1R8F1iVo0nxk0ZRY28v3
zZmbPBJ1yVy7/uIoPDRcAiLjrm9SwJUaHQWvEx7E33BkjT4EnAYFNB/fs11n9JQV
iWlDUqhPKzWIsOkQaB8KCBYermsQqVx0FJq+w6vQk4YDgIerAD8Y0shurrf3THZI
J6l/augSBgYFHtAg6thEc3toKDAnFBNoTXhTkQpSpkW6Cga2GyVcfrI4ECDGTZNU
Eit9EP5pQlIe9RXE/7VwK7kd74JLtqi0a1XpOx9QLgHEItyIE3U=
=aMRt
-----END PGP SIGNATURE-----

--5yravfvoth7qerkq--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20191105134710.3hfqxau5mqxpnfbo>