From owner-freebsd-questions@FreeBSD.ORG  Wed Feb  3 09:04:34 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A9972106566C
	for <freebsd-questions@freebsd.org>;
	Wed,  3 Feb 2010 09:04:34 +0000 (UTC)
	(envelope-from m.seaman@black-earth.co.uk)
Received: from smtp.infracaninophile.co.uk (gate6.infracaninophile.co.uk
	[IPv6:2001:8b0:151:1::1])
	by mx1.freebsd.org (Postfix) with ESMTP id 36BA98FC14
	for <freebsd-questions@freebsd.org>;
	Wed,  3 Feb 2010 09:04:33 +0000 (UTC)
Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk
	[81.187.76.163]) (authenticated bits=0)
	by smtp.infracaninophile.co.uk (8.14.4/8.14.4) with ESMTP id
	o1393mKx083018
	(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO);
	Wed, 3 Feb 2010 09:04:03 GMT
	(envelope-from m.seaman@black-earth.co.uk)
X-DKIM: Sendmail DKIM Filter v2.8.3 smtp.infracaninophile.co.uk o1393mKx083018
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=black-earth.co.uk;
	s=201001-black-earth; t=1265187844;
	bh=YcBguGjJ0m36X4ChmXqNOHS18zl7WISTl8xLRAU4Df8=;
	h=Subject:Mime-Version:Content-Type:From:In-Reply-To:Date:Cc:
	Content-Transfer-Encoding:Message-Id:References:To:Cc:Content-Type:
	Date:From:In-Reply-To:Message-ID:Mime-Version:References:To;
	z=Subject:=20Re:=20Disabling=20openssl=20from=20ports|Mime-Version:
	=201.0=20(Apple=20Message=20framework=20v1077)|Content-Type:=20tex
	t/plain=3B=20charset=3Dus-ascii|From:=20Matthew=20Seaman=20<m.seam
	an@black-earth.co.uk>|In-Reply-To:=20<201002030336.o133aA0S056157@
	banyan.cs.ait.ac.th>|Date:=20Wed,=203=20Feb=202010=2009:03:48=20+0
	000|Cc:=20freebsd-questions@freebsd.org|Content-Transfer-Encoding:
	=207bit|Message-Id:=20<3A257160-6CFD-453E-B776-A9F6248419A7@black-
	earth.co.uk>|References:=20<201002030336.o133aA0S056157@banyan.cs.
	ait.ac.th>|To:=20Olivier=20Nicole=20<Olivier.Nicole@cs.ait.ac.th>|
	X-Mailer:=20Apple=20Mail=20(2.1077);
	b=KJt319qE+Z1b5JcSY3G5HBx4KW6rw/+tipsnGfgmAHlHhV3t3pRflEUSOzr8gGRx0
	SD484g1k4hCXG9Jh7ZgjtWjOKWGzNYD3dRrldn2Y/CNppgt0xDnwTi1ecKKKLNaoyE
	E1RDOlQzyb7fUcag6ZjywkxFPUXccTtzm78lV4Jw=
Mime-Version: 1.0 (Apple Message framework v1077)
Content-Type: text/plain; charset=us-ascii
From: Matthew Seaman <m.seaman@black-earth.co.uk>
In-Reply-To: <201002030336.o133aA0S056157@banyan.cs.ait.ac.th>
Date: Wed, 3 Feb 2010 09:03:48 +0000
Content-Transfer-Encoding: 7bit
Message-Id: <3A257160-6CFD-453E-B776-A9F6248419A7@black-earth.co.uk>
References: <201002030336.o133aA0S056157@banyan.cs.ait.ac.th>
To: Olivier Nicole <Olivier.Nicole@cs.ait.ac.th>
X-Mailer: Apple Mail (2.1077)
X-Virus-Scanned: clamav-milter 0.95.3 at
	happy-idiot-talk.infracaninophile.co.uk
X-Virus-Status: Clean
X-Spam-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,
	DKIM_VERIFIED,SPF_FAIL autolearn=no version=3.2.5
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
	happy-idiot-talk.infracaninophile.co.uk
Cc: freebsd-questions@freebsd.org
Subject: Re: Disabling openssl from ports
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2010 09:04:34 -0000


On 3 Feb 2010, at 03:36, Olivier Nicole wrote:

> 
> I have one port, namely /usr/ports/www/pound that needs the version of
> openssl from the ports (/usr/ports/security/openssl).
> 
> But others ports works way better with the stock openssl from the
> system.

Personally, I've been using the ports version of openssl on a number of
machines, and I haven't run into the sort of problems you claim.  There
is not a lot between the ports of the base system, especially if you're
running a recent version of FreeBSD -- it's another port to manage, but
you get access to various bits of new functionality.

> Is there a configuration somewhere that could be used to say that
> no-one except pound should use openssl from the ports?
> 
> The only way I see is to put includes and libarries of openssl in some
> obscure place and have pound point to them.
> 
OK, this /should/ work.  Add the following to /etc/make.conf:

WITH_OPENSSL_BASE=	yes

.if ${.CURDIR:M*/www/pound}
WITH_OPENSSL_PORT=	yes
.endif

Test SSL-using executables with ldd(1) to see which copy of libcrypto they
link against.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW