From owner-freebsd-current Mon Jan 17 13: 7:11 2000 Delivered-To: freebsd-current@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 42C3D14F1A; Mon, 17 Jan 2000 13:07:07 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 329AD1CD468; Mon, 17 Jan 2000 13:07:07 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Mon, 17 Jan 2000 13:07:07 -0800 (PST) From: Kris Kennaway To: ports@freebsd.org Cc: current@freebsd.org Subject: USE_OPENSSL Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [Cross-posting to -current because I would like some feedback about the last paragraph - namely how to test for RSA capability] How about the following: 1) I bump OSVERSION due to the (potential) presence of openssl in the base system. 2) We add a USE_OPENSSL knob to bsd.port.mk which tests for this and the openssl libraries in /usr/lib, and sets LIB_DEPENDS appropriately. 3) Setting USE_OPENSSL=RSA requires a RSA-capable version of openssl (i.e. they've either built with USA_RESIDENT=NO, or have installed rsaref and rebuilt) and emits an explanatory warning if it's not available. The only problem I can see so far is how to tell whether RSA support is available. We can do a dynamic check to see if openssl(1) can actually do RSA, but that's not as good as an existence check of something. Currently we don't build libRSARefglue.a because I couldn't see what it was useful for (it's rolled into libcrypto for us), but this still wouldn't differentiate between an (international) full openssl a (USA) neutered one without rsaref. Hmm, it may cause problems for ports which expect it, though :-( Stuffing a file in /etc is an obvious solution, but there may be a better one. Anyone? Kris ---- "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message