From owner-freebsd-ports@FreeBSD.ORG Thu Jan 29 08:27:00 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6EB038D4 for ; Thu, 29 Jan 2015 08:27:00 +0000 (UTC) Received: from nskntqsrv03p.mx.bigpond.com (nskntqsrv03p.mx.bigpond.com [61.9.168.237]) by mx1.freebsd.org (Postfix) with ESMTP id 09DE52B2 for ; Thu, 29 Jan 2015 08:26:59 +0000 (UTC) Received: from nskntcmgw07p ([61.9.169.167]) by nskntmtas05p.mx.bigpond.com with ESMTP id <20150129082343.GZIL19653.nskntmtas05p.mx.bigpond.com@nskntcmgw07p>; Thu, 29 Jan 2015 08:23:43 +0000 Received: from hermes.heuristicsystems.com.au ([203.41.22.114]) by nskntcmgw07p with BigPond Outbound id lkPi1p00g2ThMyb01kPiJk; Thu, 29 Jan 2015 08:23:43 +0000 X-Authority-Analysis: v=2.0 cv=JN65Qr2b c=1 sm=1 a=tBIanQelQkU72CJWnm+MWA==:17 a=XD52yEjQpfAA:10 a=N659UExz7-8A:10 a=GHIR_BbyAAAA:8 a=YNv0rlydsVwA:10 a=6I5d2MoRAAAA:8 a=wSLiqx2V8GxqrpMQDP4A:9 a=pILNOxqGKmIA:10 a=tBIanQelQkU72CJWnm+MWA==:117 Received: from [10.0.5.3] (ewsw01.hs [10.0.5.3]) (authenticated bits=0) by hermes.heuristicsystems.com.au (8.14.5/8.13.6) with ESMTP id t0T8LsHH022495 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 29 Jan 2015 19:22:00 +1100 (EST) (envelope-from dewayne.geraghty@heuristicsystems.com.au) Message-ID: <54C9EDA1.40003@heuristicsystems.com.au> Date: Thu, 29 Jan 2015 19:21:53 +1100 From: Dewayne Geraghty User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.4.0 MIME-Version: 1.0 To: Matthew Seaman Subject: Re: Sprinkling WITH_OPENSSL_BASE in ports, ratbox build failure. References: <54C87A38.3070909@heuristicsystems.com.au> <54C892ED.80509@infracaninophile.co.uk> In-Reply-To: <54C892ED.80509@infracaninophile.co.uk> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Cc: freebsd-ports@freebsd.org X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Jan 2015 08:27:00 -0000 On 28/01/2015 6:42 PM, Matthew Seaman wrote: > On 2015/01/28 05:57, Dewayne Geraghty wrote: >> ratbox generated an unusual error message today, via portmaster on a >> 10.1Stable, amd64 system >> However commenting out the recently inserted >> WITH_OPENSSL_BASE=yes >> from the Makefile enables the build to complete and uses the correct >> crypto and ssl libraries. Shouldn't it be an option base or port? Or >> is the openssl port going to go away? > More like the other way around: ports will use the openssl version from > ports exclusively, and the version in the base system will move into a > private location. (This is my understanding of current thinking, but I > make no guarantee that it is what does eventually get implemented.) > > The ircd-ratbox port doesn't appear to be doing anything unusual with > respect to openssl support that I can see from a quick inspection of the > port Makefile. > > If you've just added 'WITH_OPENSSL_BASE' to your make.conf, then (a) you > potentially need to recompile many ports which depend on openssl so you > don't end up with mixed linkage against both ports and base, and (b) > some ports require the ports version of openssl because they depend on > functionality only in the newer version available from ports. > > Personally, I prefer 'WITH_OPENSSL_PORT=yes' It's meant I have been > able to turn off SSLv2 and SSLv3 everywhere pretty simply (no more > POODLE...) > > Cheers, > > Matthew > > Matthew, Thank-you for taking the time to review and advise. It turned out that WITH_OPENSSL_BASE was inserted into the irc-ratbox/Makefile some time about but only recently took effect due to the addition of USE= openssl (#1) which triggered the application of openssl from base [Thanks to John Marshall for explaining the sequence, offline]. I do have WITH_OPENSSL_PORT in my old ports.conf so when I removed the WITH_OPENSSL_BASE from the Makefile everything went as expected. Since our email exchange the Makefile has been modified and the world is a happier place for it ;) Kind regards, Dewayne. PS I still use WITH/WITHOUT options in ports.conf as I have a filter that does the correct ..._SET/.._UNSET work. Done at a time during high ports flux. Reference: #1 I suspect that this had something to do with it https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195796