From owner-freebsd-ports@FreeBSD.ORG Fri Apr 3 18:49:58 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 157E6722 for ; Fri, 3 Apr 2015 18:49:58 +0000 (UTC) Received: from prod2.absolight.net (mx3.absolight.net [IPv6:2a01:678:2:100::25]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "plouf.absolight.net", Issuer "CAcert Class 3 Root" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id C9E101C2 for ; Fri, 3 Apr 2015 18:49:57 +0000 (UTC) Received: from prod2.absolight.net (localhost [127.0.0.1]) by prod2.absolight.net (Postfix) with ESMTP id 12569BDC5A for ; Fri, 3 Apr 2015 20:49:56 +0200 (CEST) Received: from atuin.in.mat.cc (atuin.in.mat.cc [79.143.241.205]) by prod2.absolight.net (Postfix) with ESMTPA id 33A29BDC30 for ; Fri, 3 Apr 2015 20:49:55 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by atuin.in.mat.cc (Postfix) with ESMTP id C8F622EB69F1 for ; Fri, 3 Apr 2015 20:49:54 +0200 (CEST) Date: Fri, 03 Apr 2015 20:49:54 +0200 From: Mathieu Arnold To: freebsd-ports@freebsd.org Subject: Re: Pourdriere produces faulty build results due to bsd.openssl.mk bug Message-ID: <39EB43284C708BF6D95925A1@atuin.in.mat.cc> In-Reply-To: <1427983680.2035836.248559593.5ED876C6@webmail.messagingengine.com> References: <551C5C4C.5090707@rawbw.com> <551C615D.8050706@FreeBSD.org> <1427983680.2035836.248559593.5ED876C6@webmail.messagingengine.com> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Apr 2015 18:49:58 -0000 +--On 2 avril 2015 09:08:00 -0500 Mark Felder wrote: | On Wed, Apr 1, 2015, at 16:21, Bryan Drewery wrote: |> On 4/1/2015 3:59 PM, Yuri wrote: |> > I found that packages produced by poudriere likely link with base |> > openssl, while port make likely links with the port openssl. |> > This is because of the lines in bsd.openssl.mk which check for the |> > presence of openssl shared library and headers under PREFIX, and set |> > WITH_OPENSSL_BASE when they aren't present. In case of port make files |> > are likely present, and in case of poudriere build files are likely not |> > present. |> > |> > Example is ftp/curl (with GSSAPI=NONE, OPENSSL=yes options). |> > *Poudriere produces curl library, that causes VirtualBox to break* due |> > to the openssl base vs. port conflicts. See recent emulation@ ML |> > threads. Port make produces curl library that works fine with |> > VirtualBox. |> > |> > I think both WITH_OPENSSL_BASE and WITH_OPENSSL_PORT should be retired, |> > and code checking file presence also should be removed, and all ports |> > should be made to build with an openssl port instead. Ports should |> > never use base OpenSSL. |> > |> > Only <100 ports touch WITH_OPENSSL_... variables. Somebody who is able |> > to make such decisions and has the commit bit should bit should look |> > into this. Otherwise, massively faulty package repositories are |> > produces. |> > |> > Yuri |> |> I've wanted this for a long time. I think we should just do it. |> | | What are the risks of something linking to OpenSSL in ports also | requiring something from base which in turn... links in OpenSSL from | base? Like gssapi from base, yes, we would need to only link with gssapi from ports. There is also the problems of ports linking with libpkg.so and libcrypto.so... (like net-snmp) -- Mathieu Arnold