From owner-svn-ports-head@freebsd.org Wed Nov 6 00:29:59 2019 Return-Path: Delivered-To: svn-ports-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CC7D21AB8BA; Wed, 6 Nov 2019 00:29:59 +0000 (UTC) (envelope-from eugen@freebsd.org) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4776qq4LFfz4FQh; Wed, 6 Nov 2019 00:29:59 +0000 (UTC) (envelope-from eugen@freebsd.org) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id xA60Tod1045158 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 6 Nov 2019 00:29:51 GMT (envelope-from eugen@freebsd.org) X-Envelope-From: eugen@freebsd.org X-Envelope-To: bapt@FreeBSD.org Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id xA60Tl6L073091 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Wed, 6 Nov 2019 07:29:47 +0700 (+07) (envelope-from eugen@freebsd.org) Subject: Re: svn commit: r515574 - head/security/cyrus-sasl2 To: Baptiste Daroussin References: <201910250321.x9P3LHo9092172@repo.freebsd.org> <20191105131059.bpgmjwj3ma5isi3i@ivaldir.net> Cc: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org From: Eugene Grosbein Message-ID: <29839eb7-5c7b-9c50-c60a-351bd9267c80@freebsd.org> Date: Wed, 6 Nov 2019 07:29:41 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <20191105131059.bpgmjwj3ma5isi3i@ivaldir.net> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 0.7 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net X-Rspamd-Queue-Id: 4776qq4LFfz4FQh X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-1.90 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-0.90)[-0.900,0]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Nov 2019 00:29:59 -0000 05.11.2019 20:12, Baptiste Daroussin wrote: > On Fri, Oct 25, 2019 at 03:21:17AM +0000, Eugene Grosbein wrote: >> Author: eugen >> Date: Fri Oct 25 03:21:16 2019 >> New Revision: 515574 >> URL: https://svnweb.freebsd.org/changeset/ports/515574 >> >> Log: >> security/cyrus-sasl2: unbreak building with stock OpenSSL for stable/11 >> >> Sendmail bundled with FreeBSD has SASL support and the Handbook tells >> how to rebuild the Sendmail with SASL enabled if you have installed >> cyrus-sasl2 that links with OpenSSL's libcrypto. >> >> Sendmail uses old OpenSSL 1.0.2 API, so cyrus-sasl2 should be built >> with stock libcrypto even if newer OpenSSL is installed for Ports. >> >> This change adds new option SSL to the port (enabled by default). >> If disabled, cyrus-sasl2 is built witch stock libcrypto not depending >> on ports version of OpenSSL. >> >> PORTREVISION not changed as default build is not affected. >> >> Modified: >> head/security/cyrus-sasl2/Makefile >> head/security/cyrus-sasl2/Makefile.common >> >> Modified: head/security/cyrus-sasl2/Makefile >> ============================================================================== >> --- head/security/cyrus-sasl2/Makefile Fri Oct 25 03:15:48 2019 (r515573) >> +++ head/security/cyrus-sasl2/Makefile Fri Oct 25 03:21:16 2019 (r515574) >> @@ -11,13 +11,14 @@ CYRUS_CONFIGURE_ARGS= --with-saslauthd=${SASLAUTHD_RUN >> >> NO_OPTIONS_SORT= yes >> OPTIONS_DEFINE= ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \ >> - OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR >> + OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR SSL >> OPTIONS_RADIO= SASLDB >> OPTIONS_RADIO_SASLDB= BDB1 BDB GDBM LMDB >> OPTIONS_GROUP= PLUGIN >> OPTIONS_GROUP_PLUGIN= ANONYMOUS CRAM DIGEST LOGIN NTLM OTP PLAIN SCRAM >> OPTIONS_DEFAULT= ANONYMOUS AUTHDAEMOND BDB1 OBSOLETE_CRAM_ATTR CRAM \ >> - OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM >> + OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM \ >> + SSL >> OPTIONS_SUB= yes >> ALWAYSTRUE_DESC= Alwaystrue password verifier (discouraged) >> ALWAYSTRUE_CONFIGURE_ENABLE=alwaystrue >> @@ -61,6 +62,8 @@ PLAIN_DESC= PLAIN authentication >> PLAIN_CONFIGURE_ENABLE= plain >> SCRAM_DESC= SCRAM authentication >> SCRAM_CONFIGURE_ENABLE= scram >> +SSL_DESC= Uncheck this to use system openssl libraries >> +SSL_USES= ssl >> > I don't think this is the right approach. > > 1/ the option (double negative) is confusing. I'm open for naming suggestions as English is not my native language. > 2/ the default on for it makes it depends always on ports openssl, and mixing > port openssl and base openssl is always a mess for end users. You skipped part of change for security/cyrus-sasl2/Makefile.common I've just moved unconditional USES+=ssl from that file, so default ON does not change anything, no mixing.