Date: Fri, 03 Apr 2015 20:49:54 +0200 From: Mathieu Arnold <mat@FreeBSD.org> To: freebsd-ports@freebsd.org Subject: Re: Pourdriere produces faulty build results due to bsd.openssl.mk bug Message-ID: <39EB43284C708BF6D95925A1@atuin.in.mat.cc> In-Reply-To: <1427983680.2035836.248559593.5ED876C6@webmail.messagingengine.com> References: <551C5C4C.5090707@rawbw.com> <551C615D.8050706@FreeBSD.org> <1427983680.2035836.248559593.5ED876C6@webmail.messagingengine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
+--On 2 avril 2015 09:08:00 -0500 Mark Felder <feld@FreeBSD.org> wrote: | On Wed, Apr 1, 2015, at 16:21, Bryan Drewery wrote: |> On 4/1/2015 3:59 PM, Yuri wrote: |> > I found that packages produced by poudriere likely link with base |> > openssl, while port make likely links with the port openssl. |> > This is because of the lines in bsd.openssl.mk which check for the |> > presence of openssl shared library and headers under PREFIX, and set |> > WITH_OPENSSL_BASE when they aren't present. In case of port make files |> > are likely present, and in case of poudriere build files are likely not |> > present. |> > |> > Example is ftp/curl (with GSSAPI=NONE, OPENSSL=yes options). |> > *Poudriere produces curl library, that causes VirtualBox to break* due |> > to the openssl base vs. port conflicts. See recent emulation@ ML |> > threads. Port make produces curl library that works fine with |> > VirtualBox. |> > |> > I think both WITH_OPENSSL_BASE and WITH_OPENSSL_PORT should be retired, |> > and code checking file presence also should be removed, and all ports |> > should be made to build with an openssl port instead. Ports should |> > never use base OpenSSL. |> > |> > Only <100 ports touch WITH_OPENSSL_... variables. Somebody who is able |> > to make such decisions and has the commit bit should bit should look |> > into this. Otherwise, massively faulty package repositories are |> > produces. |> > |> > Yuri |> |> I've wanted this for a long time. I think we should just do it. |> | | What are the risks of something linking to OpenSSL in ports also | requiring something from base which in turn... links in OpenSSL from | base? Like gssapi from base, yes, we would need to only link with gssapi from ports. There is also the problems of ports linking with libpkg.so and libcrypto.so... (like net-snmp) -- Mathieu Arnold
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39EB43284C708BF6D95925A1>