From owner-freebsd-ports@FreeBSD.ORG Wed Apr 14 10:50:11 2004 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7E9F216A4DE; Wed, 14 Apr 2004 10:50:11 -0700 (PDT) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 38FF743D45; Wed, 14 Apr 2004 10:50:10 -0700 (PDT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id 82C881FF9AB; Wed, 14 Apr 2004 19:50:08 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id 747191FF9A7; Wed, 14 Apr 2004 19:50:06 +0200 (CEST) Received: by mail.int.zabbadoz.net (Postfix, from userid 1060) id 41B00154BC; Wed, 14 Apr 2004 17:49:25 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.int.zabbadoz.net (Postfix) with ESMTP id 372BC1538C; Wed, 14 Apr 2004 17:49:25 +0000 (UTC) Date: Wed, 14 Apr 2004 17:49:25 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@e0-0.zab2.int.zabbadoz.net To: freebsd-ports@freebsd.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de cc: dinoex@FreeBSD.org cc: nectar@freebsd.org Subject: SA-04:05 single patch && bsd.openssl.mk problem X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Apr 2004 17:50:11 -0000 Hi, when applying the patch from SA-04:05[1] and re-building changed parts of the base system opensslv.h does not get altered with the update like it did with the commits to the various branches [2]. [1] ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-04:05/openssl.patch [2] p.ex. http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssl/crypto/opensslv.h.diff?r1=1.1.1.1.2.8&r2=1.1.1.1.2.9 bsd.openssl.mk now doing a string compare on p.ex. "0.9.7a-p1" which will fail. Thus ports that set USE_OPENSSL will depend on the openssl package. This logic is broken as the base system is patched and the openssl package is not needed. So the SA patches should also update the version strings in headers - or more general commit the same parts (only) that get published as single patches (or even better the other way round: should publish a complete single patch from what got previously committed). What short term solutions are there for people building ports [ I do not really like any of those ] ? - setting USE_OPENSSL_BASE=yes seems to be a possible workaround forcing the version of the base system and not the port to be used. - patching the header file by hand is not a real solution but should work too. - would it be possible to make the check in bsd.openssl.mk somehow more intelligent to better detect a patched version ? - ... ? -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT 56 69 73 69 74 http://www.zabbadoz.net/