From owner-freebsd-ports@freebsd.org Wed May 5 19:08:34 2021 Return-Path: Delivered-To: freebsd-ports@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C08035FFBE8 for ; Wed, 5 May 2021 19:08:34 +0000 (UTC) (envelope-from freebsd@grem.de) Received: from mail.evolve.de (mail.evolve.de [213.239.217.29]) (using TLSv1.3 with cipher TLS_CHACHA20_POLY1305_SHA256 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA512 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail.evolve.de", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fb5pV26V9z4dpf; Wed, 5 May 2021 19:08:33 +0000 (UTC) (envelope-from freebsd@grem.de) Received: by mail.evolve.de (OpenSMTPD) with ESMTP id d4bc4cb8; Wed, 5 May 2021 19:08:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=grem.de; h=content-type :content-transfer-encoding:mime-version:subject:from:in-reply-to :date:cc:message-id:references:to; s=20180501; bh=rYi6xiBj01Gr62 IHeBaEClAOvtY=; b=YuN3KA1ggcmA2Y8ySjnzOfT+OLbTHAH939VkQqcYlycVyI HLHh3IXvHWEz7MCZ4hCMdte/ubyCNzAQObfL9qhYy1VbIPgNZsvBs5aI49vbzAHH Ap1Fg4nQZG+q1MteE+pMZ/x2MIn0RejiIbLInDWlpNGMRqzJRWSco9xBAWEPMCLf zB3zfka8EYDKJKyy/Sma7UqCb7mV13aVtEIBa40eJovN5k7sW7ACDnBpwSzSZ9lX PbMv3X8M/8yBOjrjCLaBm60r3flsAHP59POlul0dwNWHmqYzcfNA5U4kiocoln2w cWeNNEVd8a6f7LmwZGRltrbppd9B5I1NEZdxdcsA== DomainKey-Signature: a=rsa-sha1; c=nofws; d=grem.de; h=content-type :content-transfer-encoding:mime-version:subject:from:in-reply-to :date:cc:message-id:references:to; q=dns; s=20180501; b=IcN/uUrx 994cvSnqz8Kv8UVu4O9NulLSynV4WO48ux4tg8BASAXNwYhhpwgEmDHhwA0yzpEI 46OiKtFmUDHI5h4YQj/oUe8CI5gdiJKfRhiVKVwwf2A1KpjBgFfp2a/AAvI0DSAT p7w9tgzBntaPx/MYk2kMd/r2uWe8ZEwoiHPblT99f0pi8fiaVvii4I1pU2UGo8Ew SlC4quPHj/jsahz5KUP4GL48fK9wmwdIvg/NmtE0BsGs3ykFXKq9Bivxz50VAwTH gxQzdaaI4zS945xMhhchtESjzSgrHkduEScrapjEJQQVSUEJfuMhAOvQQX/djqnV L227QaGemejOFQ== Received: by mail.evolve.de (OpenSMTPD) with ESMTPSA id 1aae40a2 (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO); Wed, 5 May 2021 19:08:28 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) Subject: Re: Making a port to use OpenSSL of ports collection on FreeBSD 11.x From: Michael Gmelin In-Reply-To: <12e142be-43c8-70fc-d0d8-d17969d8c734@freebsd.org> Date: Wed, 5 May 2021 21:08:26 +0200 Cc: freebsd-ports@freebsd.org Message-Id: <881013A8-7223-4A35-8FBE-5247889D2D72@grem.de> References: <12e142be-43c8-70fc-d0d8-d17969d8c734@freebsd.org> To: Stefan Esser , Yasuhiro Kimura X-Mailer: iPhone Mail (18E212) X-Rspamd-Queue-Id: 4Fb5pV26V9z4dpf X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 May 2021 19:08:34 -0000 > On 5. May 2021, at 18:56, Stefan Esser wrote: >=20 > =EF=BB=BFAm 05.05.21 um 18:00 schrieb Yasuhiro Kimura: >> You misunderstand my intention. What I would like to do is to make a >> port use security/openssl instead of base OpenSSL even if user sets >> 'DEFAULT_VERSIONS+=3Dssl=3Dbase' in /etc/make.conf (or user doesn't >> customize setting about ssl at all). Stefan=E2=80=98s suggestion is AFAIK the best we can do. mail/opensmtpd has an example of that, but it still requires the user to act= ively select the OpenSSL library (mixing OpenSSL libraries in a package set i= s problematic). Best, Michael >=20 > You can mark the port as broken if the user has selected "base" and > this is incompatible with the port's requirements. E.g.: >=20 > .include >=20 > .if ${SSL_DEFAULT} =3D=3D base > BROKEN_FreeBSD_11=3D OpenSSL 1.1 required > .endif >=20 > .include >=20 > You can of course add a better message, and the user can decide to > try the compilation again after changing the default. But this will > of course prevent the building of official packages for FreeBSD-11. >=20 >> As I wrote previous mail, if 'USES=3Dpython:3.8+' is specified in >> Makefile of a port, lang/python38 is used for the port event if user >> adds 'DEFAULT_VERSIONS+=3Dpython=3D3.7' in /etc/make.conf. I'm looking fo= r >> similar way about ssl setting. >=20 > You could add a dependency on the openssl port and make sure, that > the port's include file and library is used in preference of the > base version on FreeBSD-11. >=20 > But you have to consider the risk of mixing references to the base and > the ports version in one binary (e.g. other libraries are linked in that > had been built against the base version). >=20 > Regards, STefan >=20