From owner-freebsd-ports@FreeBSD.ORG Sat Jul 25 21:29:32 2009 Return-Path: Delivered-To: freebsd-ports@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 18A3E1065672 for ; Sat, 25 Jul 2009 21:29:32 +0000 (UTC) (envelope-from bf1783@googlemail.com) Received: from mail-fx0-f225.google.com (mail-fx0-f225.google.com [209.85.220.225]) by mx1.freebsd.org (Postfix) with ESMTP id 9E1B08FC1E for ; Sat, 25 Jul 2009 21:29:31 +0000 (UTC) (envelope-from bf1783@googlemail.com) Received: by fxm25 with SMTP id 25so188074fxm.43 for ; Sat, 25 Jul 2009 14:29:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=73o+YFwTSUaog+bSoI1dr3io8kC8SZ0EdBK14ln2pfg=; b=a5a8IKnD3E0wlzLdMNFof8k0G6GsDaCq8CLjG9WD5sf2yMrpveb3B5x3QJB6FiVd1D +7KHw331UwOeJYeGbOxkddxPY48DFkGoXhsbhOGJlhidcpHx1BklGIjoVHZNibb/+Fuv uOBxieBDJ4br1fL/H2fKVjhOerBiPeeH60tzk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=TySqW9e6+Iypu6FNxG04mCveYYkJMq2h1uVHklmQkoL/kqvCs6YGuuT1jvrlbED+SS GDlBWn3USwRTjGywM3TYPyBW9EL240VkE6ax0bhgNLlMGIkPP1ihdf5RCY6l+kUNfhZO orFxHkEt2yAAXeE2gz6SBVwDTkhiOafSPlKDk= MIME-Version: 1.0 Received: by 10.239.168.6 with SMTP id i6mr492036hbe.85.1248557370639; Sat, 25 Jul 2009 14:29:30 -0700 (PDT) Date: Sat, 25 Jul 2009 21:29:30 +0000 Message-ID: From: "b. f." To: freebsd-ports@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: enlil65@gmail.com Subject: Re: Using WITH_OPENSSL_PORT X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2009 21:29:32 -0000 Argh! This again. On Sat, 25 Jul 2009 11:50:17 -0500 Peggy Wilkins wrote: > > I recently installed security/krb5 which is my first installed port > that has set WITH_OPENSSL_PORT in its Makefile. It didn't take me > long to notice after the installation of security/krb5 that > security/pam_ldap on the same system no longer works, so I tried > recompiling/reinstalling openldap and pam_ldap but that didn't fix it. > However, I didn't set WITH_OPENSSL_PORT myself when I did that -- I > assumed the ports system would automatically detect that the openssl > port was installed and would use that. If the port uses the bsd.openssl.mk framework properly, it should use the openssl port if it is installed, and if it is not explicitly told to use the base openssl. This is clear from lines 44-51 of version 1.44 of bsd.openssl.mk. > > I am unsure what I need to do to use the ports openssl on my system > instead of the one that comes with the base system, without breaking > things. I assume I need to recompile the ports that depend on > openssl, but how do I get the list of those things, given that (AFAIK) > none of them list openssl as a dependency? If you have a ports tree, and LOCALBASE and PREFIX are subdirectories of usr/ (they are both /usr/local by default), you can do something like: pkg_info -aoq | xargs -I % make -C /usr/ports/% -V OPENSSLBASE -V PKGORIGIN | sed -n '/^\/usr/{n;p;}' which will list the ports that USE_OPENSSL. (You should really just be able to test that USE_OPENSSL is defined, but a small number of ports (77) use hacks to include bsd.openssl.mk without ever defining USE_OPENSSL, so you need to do something like the above instead.) You should then rebuild these ports, and, if you want to be safe, the ports that depend upon them. This will not find ports that don't properly use the bsd.openssl.mk framework, but still link against the openssl libraries. There ought not to be any such ports, but occasionally mistakes are made. > > Since I do OS updates from source, will using ports openssl affect > make installworld and/or make installkernel on the base system? > No, it shouldn't. > I read the openssl section in the FreeBSD Handbook and didn't find any > useful information about this in there. I also read through (as much > as I could follow, anyway) /usr/ports/Mk/bsd.openssl.mk but am still > clueless. Well, it's all in there... :) > > Can someone outline how to use openssl from ports correctly? Just install the openssl port, and, to be on the safe side, define WITH_OPENSSL_PORT in the build environment of the ports that USE_OPENSSL -- in /etc/make.conf is a good place, as someone mentioned. b.