From owner-cvs-ports@FreeBSD.ORG Wed Apr 16 23:11:00 2003 Return-Path: Delivered-To: cvs-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2071337B401; Wed, 16 Apr 2003 23:11:00 -0700 (PDT) Received: from sccrmhc03.attbi.com (sccrmhc03.attbi.com [204.127.202.63]) by mx1.FreeBSD.org (Postfix) with ESMTP id D8B6C43FBD; Wed, 16 Apr 2003 23:10:58 -0700 (PDT) (envelope-from DougB@freebsd.org) Received: from master.gorean.org (12-234-22-23.client.attbi.com[12.234.22.23]) by sccrmhc03.attbi.com (sccrmhc03) with SMTP id <2003041706105700300bunr9e>; Thu, 17 Apr 2003 06:10:58 +0000 Date: Wed, 16 Apr 2003 23:10:55 -0700 (PDT) From: Doug Barton To: "Jacques A. Vidrine" In-Reply-To: <20030417020124.GA56123@madman.celabo.org> Message-ID: <20030416230828.A12786@znfgre.tberna.bet> References: <200304161444.h3GEi5DX063598@repoman.freebsd.org> <20030417020124.GA56123@madman.celabo.org> Organization: http://www.FreeBSD.org/ X-message-flag: Outlook -- Not just for spreading viruses anymore! MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: Dirk Meyer cc: cvs-ports@freebsd.org cc: ports-committers@freebsd.org cc: cvs-all@freebsd.org cc: Kris Kennaway Subject: Re: cvs commit: ports/security/openssl-beta Makefile X-BeenThere: cvs-ports@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2003 06:11:00 -0000 On Wed, 16 Apr 2003, Jacques A. Vidrine wrote: > On Wed, Apr 16, 2003 at 12:04:10PM -0700, Kris Kennaway wrote: > > On Wed, Apr 16, 2003 at 07:44:05AM -0700, Dirk Meyer wrote: > > > dinoex 2003/04/16 07:44:05 PDT > > > > > > FreeBSD ports repository > > > > > > Modified files: > > > security/openssl-beta Makefile > > > Log: > > > - ### HEAD UP ### SHLIBVER has been bumped back. > > > - honor OPENSSH_SHLIBVER if set by user. > > > > Whoa there..you can't do this without creating all sorts of problems > > for users. > > It's (something like) this, or screw all ports users the next time the > OpenSSL ABI changes. Whether OpenSSL 0.9.6 is installed from the base > system or ports, it should use shared library version 2. Whether > OpenSSL 0.9.7 is installed from the base system or ports, it should > use shared library version 3. > > Because these were out-of-sync previously, some > OpenSSL-from-ports-using folks were hosed when OpenSSL 0.9.7 was > imported (they had to recompile OpenSSL-using ports). I agree with Jacques and Dirk here. Bumping the lib version in the port was a mistake that has caused our users grief, and has the potential to keep doing so in the future. I get two or three messages related to this problem and bind 9's usage of openssl a week, and I know that the bind 9 issue is very low profile compared to other, related problems. It's a painful thing to do, but it's a little pain now, and get it over with, or more and more down the road. Doug -- This .signature sanitized for your protection