From owner-svn-ports-head@freebsd.org  Tue Nov  5 13:47:12 2019
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B0DDA1A80A5;
 Tue,  5 Nov 2019 13:47:12 +0000 (UTC) (envelope-from mat@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 476rZ84D3hz4Kx8;
 Tue,  5 Nov 2019 13:47:12 +0000 (UTC) (envelope-from mat@FreeBSD.org)
Received: from mail.j.mat.cc (owncloud.cube.mat.cc [79.143.240.228])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mail.mat.cc", Issuer "Let's Encrypt Authority X3" (verified OK))
 (Authenticated sender: mat/mail)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 274CF2F934;
 Tue,  5 Nov 2019 13:47:12 +0000 (UTC) (envelope-from mat@FreeBSD.org)
Received: from ogg.in.absolight.net (ogg.in.absolight.net
 [IPv6:2a01:678:ab:50::42:42])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested) (Authenticated sender: mat@mat.cc)
 by mail.j.mat.cc (Postfix) with ESMTPSA id 4DE4D942D80;
 Tue,  5 Nov 2019 13:47:10 +0000 (UTC)
Date: Tue, 5 Nov 2019 14:47:10 +0100
From: Mathieu Arnold <mat@FreeBSD.org>
To: Baptiste Daroussin <bapt@FreeBSD.org>
Cc: Eugene Grosbein <eugen@FreeBSD.org>, ports-committers@freebsd.org,
 svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: Re: svn commit: r515574 - head/security/cyrus-sasl2
Message-ID: <20191105134710.3hfqxau5mqxpnfbo@ogg.in.absolight.net>
References: <201910250321.x9P3LHo9092172@repo.freebsd.org>
 <20191105131059.bpgmjwj3ma5isi3i@ivaldir.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="5yravfvoth7qerkq"
Content-Disposition: inline
In-Reply-To: <20191105131059.bpgmjwj3ma5isi3i@ivaldir.net>
User-Agent: NeoMutt/20180622
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Nov 2019 13:47:12 -0000


--5yravfvoth7qerkq
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 05, 2019 at 02:12:22PM +0100, Baptiste Daroussin wrote:
> On Fri, Oct 25, 2019 at 03:21:17AM +0000, Eugene Grosbein wrote:
> > Author: eugen
> > Date: Fri Oct 25 03:21:16 2019
> > New Revision: 515574
> > URL: https://svnweb.freebsd.org/changeset/ports/515574
> >=20
> > Log:
> >   security/cyrus-sasl2: unbreak building with stock OpenSSL for stable/=
11
> >  =20
> >   Sendmail bundled with FreeBSD has SASL support and the Handbook tells
> >   how to rebuild the Sendmail with SASL enabled if you have installed
> >   cyrus-sasl2 that links with OpenSSL's libcrypto.
> >  =20
> >   Sendmail uses old OpenSSL 1.0.2 API, so cyrus-sasl2 should be built
> >   with stock libcrypto even if newer OpenSSL is installed for Ports.
> >  =20
> >   This change adds new option SSL to the port (enabled by default).
> >   If disabled, cyrus-sasl2 is built witch stock libcrypto not depending
> >   on ports version of OpenSSL.
> >  =20
> >   PORTREVISION not changed as default build is not affected.
> >=20
> > Modified:
> >   head/security/cyrus-sasl2/Makefile
> >   head/security/cyrus-sasl2/Makefile.common
> >=20
> > Modified: head/security/cyrus-sasl2/Makefile
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
> > --- head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:15:48 2019	(r51557=
3)
> > +++ head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:21:16 2019	(r51557=
4)
> > @@ -11,13 +11,14 @@ CYRUS_CONFIGURE_ARGS=3D	--with-saslauthd=3D${SASLAU=
THD_RUN
> > =20
> >  NO_OPTIONS_SORT=3D	yes
> >  OPTIONS_DEFINE=3D		ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \
> > -			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR
> > +			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR SSL
> >  OPTIONS_RADIO=3D		SASLDB
> >  OPTIONS_RADIO_SASLDB=3D	BDB1 BDB GDBM LMDB
> >  OPTIONS_GROUP=3D		PLUGIN
> >  OPTIONS_GROUP_PLUGIN=3D	ANONYMOUS CRAM DIGEST LOGIN NTLM OTP PLAIN SCR=
AM
> >  OPTIONS_DEFAULT=3D	ANONYMOUS AUTHDAEMOND BDB1 OBSOLETE_CRAM_ATTR CRAM \
> > -			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM
> > +			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM \
> > +			SSL
> >  OPTIONS_SUB=3D		yes
> >  ALWAYSTRUE_DESC=3D	Alwaystrue password verifier (discouraged)
> >  ALWAYSTRUE_CONFIGURE_ENABLE=3Dalwaystrue
> > @@ -61,6 +62,8 @@ PLAIN_DESC=3D		PLAIN authentication
> >  PLAIN_CONFIGURE_ENABLE=3D	plain
> >  SCRAM_DESC=3D		SCRAM authentication
> >  SCRAM_CONFIGURE_ENABLE=3D	scram
> > +SSL_DESC=3D		Uncheck this to use system openssl libraries
> > +SSL_USES=3D		ssl
> > =20
> I don't think this is the right approach.
>=20
> 1/ the option (double negative) is confusing.
> 2/ the default on for it makes it depends always on ports openssl, and mi=
xing
> port openssl and base openssl is always a mess for end users.

Mmmm, unless I am missing something, I think you are both wrong.
USES=3Dssl means "this port uses openssl", it does absolutely nothing
about using openssl from ports or from the base system, this is left to
the user by setting DEFAULT_VERSIONS+=3Dssl=3Dxxx in their make.conf.

--=20
Mathieu Arnold

--5yravfvoth7qerkq
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQKTBAABCgB9FiEEOraXidLtEhBkQLpbOkUW81GDzkgFAl3BfV1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNB
QjY5Nzg5RDJFRDEyMTA2NDQwQkE1QjNBNDUxNkYzNTE4M0NFNDgACgkQOkUW81GD
zkgiyxAAsq6T/np2DtsFhS/Z/f5PjtSVai1a3iun9wPp17t+QunUUy2TahQ8BudD
7z7yQVFqcWViujaL2x1tkO4gawVsVJ1iAv/zj/WSdLX4fHqIXeXulfMdvVXCMc7K
vcy0+T5ryz7p4C1S19cASbuEasAyhZHAghTn/sX7jtaNjhQB5URWY9q1as/hishR
FtECS9bOEn74flJILzDQ7nHSkQ33t3Q62lNyaxEWDFqTS7TRZgFOcQidLZK2rAj5
SByVrAoxEm3Jzsj4JLE231XN/wTv/DmnHdEVun6vCObdjsJUSyBU5HJv3Rdcha2d
clCBWUE0DYeARfg/hxzOESNflKxCl4PQoXunExk+HqiYv/vCmfQh7rErgCQZ7sv9
73B45c/MGfB/OVNqdBGblXPc3VdcDmX2vVaao1K8qllu1R8F1iVo0nxk0ZRY28v3
zZmbPBJ1yVy7/uIoPDRcAiLjrm9SwJUaHQWvEx7E33BkjT4EnAYFNB/fs11n9JQV
iWlDUqhPKzWIsOkQaB8KCBYermsQqVx0FJq+w6vQk4YDgIerAD8Y0shurrf3THZI
J6l/augSBgYFHtAg6thEc3toKDAnFBNoTXhTkQpSpkW6Cga2GyVcfrI4ECDGTZNU
Eit9EP5pQlIe9RXE/7VwK7kd74JLtqi0a1XpOx9QLgHEItyIE3U=
=aMRt
-----END PGP SIGNATURE-----

--5yravfvoth7qerkq--