From nobody Thu Oct 6 20:04:23 2022 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Mk2TQ64x4z4fMBn; Thu, 6 Oct 2022 20:04:26 +0000 (UTC) (envelope-from matthias.andree@tu-dortmund.de) Received: from unimail.uni-dortmund.de (mx1.hrz.uni-dortmund.de [129.217.128.51]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "unimail.tu-dortmund.de", Issuer "GEANT OV RSA CA 4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Mk2TQ4bWnz3lwB; Thu, 6 Oct 2022 20:04:26 +0000 (UTC) (envelope-from matthias.andree@tu-dortmund.de) Received: from mandree.no-ip.org (p54a03871.dip0.t-ipconnect.de [84.160.56.113]) (authenticated bits=0) by unimail.uni-dortmund.de (8.17.1.9/8.17.1) with ESMTPSA id 296K4OSM002261 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Thu, 6 Oct 2022 22:04:24 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tu-dortmund.de; s=unimail; t=1665086664; bh=KddcWgASdoozoelio/Z202nHZfoyML/rBdGwA9GRC90=; h=Date:Subject:To:Cc:References:From:In-Reply-To; b=JkQUdPdHwIRC91Jvsm42yi/O4AAR3slUnDOq29ngYOZ6ArVawm4ksaZcuUWRzAhvR Vb11eJs3G9WoxYdNDoOuauHnS8s5fk2gO7BL9RzDGWLaJByOT2AfK/3KoGdh+L0fXp SAJZz3pWtw0opp9PuNZMMdWo1bRH2W/r3zHHiXyc= Received: from [127.0.0.1] (localhost [127.0.0.1]) by ryzen.an3e.de (Postfix) with ESMTP id D150A916FAC; Thu, 6 Oct 2022 22:04:23 +0200 (CEST) Message-ID: <5bf28223-f496-0aa7-3dd2-9294ff4237c3@tu-dortmund.de> Date: Thu, 6 Oct 2022 22:04:23 +0200 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.3.1 Subject: Re: git: 9a36ff5299c8 - main - ftp/lftp: Fix build with libressl >= 2.7.0 Content-Language: en-US, de-DE, en-GB, fr-FR, nl-NL To: Ganael Laplanche , Ganael LAPLANCHE , ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Cc: portmgr References: <202210051845.295Ijrbg014568@gitrepo.freebsd.org> <34183267-0f60-bb0d-61c8-424d3b704fcd@tu-dortmund.de> From: Matthias Andree In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Rspamd-Queue-Id: 4Mk2TQ4bWnz3lwB X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-ThisMailContainsUnwantedMimeParts: N Am 06.10.22 um 21:06 schrieb Ganael Laplanche: > Le 05/10/2022 à 21:20, Matthias Andree a écrit : > > Hello Matthias, > > > > Thanks for your feedback. > > > > > please decide to > > > > > >   either mark this NO_PACKAGE, > > > > > >   or if we want to continue providing binary packages: > > > > > >   *   remove the LibreSSL option, you cannot link GPLv3 software with > > >     LibreSSL, > > >   *   and ensure that OpenSSL is either "from base" (GPL copyleft does > > >     not apply to OS components (*)), or v3.0.x or newer (OpenSSL v3 is > > >     Apache licensed and compatible with GPL v3). OpenSSL 1.x or older > > >     from ports also cannot be used for binary shipments. > > > > There is no such 'LibreSSL' option within the port itself. It only uses : > > > >   USES=ssl > > > > so it *can* be linked against libressl using the global : > > > >   DEFAULT_VERSIONS+=ssl=libressl > > > > variable set (that's what my last commit fixed), but it is an opt-in > and *not* the default, which is set to 'base'. > > > > FreeBSD package build servers use that default configuration, so we > (FreeBSD) do *not* build and provide packages linked against libressl, > but only against base openssl. > > > > So everything should be good or am I missing something ? > Ganaël, Thanks for checking. Seems good, and possibly - with that reasoning - it's more the licensing framework that might want to check what licenses combine well and which don't. (I just don't understand the benefit of supporting LibreSSL in the framework at all. There have been a few months where LibreSSL was "better" than OpenSSL) Regards Matthias