From nobody Sat Jul 9 05:24:12 2022 X-Original-To: freebsd-ports@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 8C74B12DAD5D for ; Sat, 9 Jul 2022 05:24:22 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from echo.brtsvcs.net (echo.brtsvcs.net [208.111.40.118]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Lfz913cZpz3STB for ; Sat, 9 Jul 2022 05:24:21 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from chombo.houseloki.net (65-100-43-2.dia.static.qwest.net [65.100.43.2]) by echo.brtsvcs.net (Postfix) with ESMTPS id E852138D00 for ; Sat, 9 Jul 2022 05:24:13 +0000 (UTC) Received: from [10.26.25.100] (ivy.pas.ds.pilgrimaccounting.com [10.26.25.100]) by chombo.houseloki.net (Postfix) with ESMTPSA id D54A1B1C for ; Fri, 8 Jul 2022 22:24:12 -0700 (PDT) To: freebsd-ports@freebsd.org From: Mel Pilgrim Subject: Ports System not matching upstream build, causes broken builds Message-ID: <55f0f177-70ba-99c7-7b2d-150bdd1ad4a0@bluerosetech.com> Date: Fri, 8 Jul 2022 22:24:12 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.12.0 List-Id: Porting software to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-ports List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports@freebsd.org X-BeenThere: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Lfz913cZpz3STB X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of list_freebsd@bluerosetech.com designates 208.111.40.118 as permitted sender) smtp.mailfrom=list_freebsd@bluerosetech.com X-Spamd-Result: default: False [-3.30 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_ALLOW(-0.20)[+mx:relay3.brtsvcs.net]; MIME_GOOD(-0.10)[text/plain]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:36236, ipnet:208.111.40.0/24, country:US]; MLMMJ_DEST(0.00)[freebsd-ports]; FROM_EQ_ENVFROM(0.00)[]; DMARC_NA(0.00)[bluerosetech.com]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_THREE(0.00)[3]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; RCVD_TLS_ALL(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-ports@freebsd.org]; MID_RHS_MATCH_FROM(0.00)[] X-ThisMailContainsUnwantedMimeParts: N I'm working on a port of rbsec/sslscan (github), but running into an issue where the Ports System is invoking gmake in a way that doesn't match what the upstream Makefile does. The software has two build options: build a dynamic-linked version against the system OpenSSL library, or build a static-linked version against a bundled copy of OpenSSL 1.1.1-stable. `gmake` gets you the dynamic version, `gmake static` gets you the static version. Simple enough, so I put this in the port Makefile: OPTIONS_DEFINE= STATIC STATIC_USES_OFF=ssl STATIC_ALL_TARGET=static The port does call the static target as expected, but something is going terribly wrong and the result is polluted CFLAGS and LDFLAGS. An example is the cc invocation to build the sslscan binary itself. Below is that call for each of direct/port and static/dynamic build, with line-breaks added for ease of comparison: Direct static build: # gmake static cc -o sslscan -Wall -Wformat=2 -Wformat-security -Wno-deprecated-declarations -pie -z relro -z now -L/tmp/scratch/sslscan/openssl/ -D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -std=gnu11 -I/tmp/scratch/sslscan/openssl/include/ -I/tmp/scratch/sslscan/openssl/ -DVERSION=\"2.0.15-static\" sslscan.c -lssl -lcrypto -lz -lpthread Port build with STATIC on: # make cc -o sslscan -Wall -Wformat=2 -Wformat-security -Wno-deprecated-declarations -fstack-protector-strong -pie -z relro -z now -L/usr/local/lib -L/usr/local/ssl/lib -L/usr/local/opt/openssl/lib -L/opt/local/lib -pie -z relro -z now -L/poudriere/ports/default/security/sslscan/work/sslscan-2.0.15/openssl/ -O2 -pipe -fstack-protector-strong -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -std=gnu11 -I/usr/local/include -I/usr/local/ssl/include -I/usr/local/ssl/include/openssl -I/usr/local/opt/openssl/include -I/opt/local/include -I/opt/local/include/openssl -D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -std=gnu11 -I/poudriere/ports/default/security/sslscan/work/sslscan-2.0.15/openssl/include/ -I/poudriere/ports/default/security/sslscan/work/sslscan-2.0.15/openssl/ -DVERSION=\"2.0.15-static\" sslscan.c -lssl -lcrypto -lz -lpthread Direct dynamic build: # gmake cc -o sslscan -Wall -Wformat=2 -Wformat-security -Wno-deprecated-declarations -pie -z relro -z now -L/usr/local/lib -L/usr/local/ssl/lib -L/usr/local/opt/openssl/lib -L/opt/local/lib -D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -std=gnu11 -I/usr/local/include -I/usr/local/ssl/include -I/usr/local/ssl/include/openssl -I/usr/local/opt/openssl/include -I/opt/local/include -I/opt/local/include/openssl -DVERSION=\"2.0.15\" sslscan.c -lssl -lcrypto Port build with STATIC off: # make cc -o sslscan -Wall -Wformat=2 -Wformat-security -Wno-deprecated-declarations -Wl,-rpath,/usr/local/lib -fstack-protector-strong -pie -z relro -z now -L/usr/local/lib -L/usr/local/ssl/lib -L/usr/local/opt/openssl/lib -L/opt/local/lib -O2 -pipe -fstack-protector-strong -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -std=gnu11 -I/usr/local/include -I/usr/local/ssl/include -I/usr/local/ssl/include/openssl -I/usr/local/opt/openssl/include -I/opt/local/include -I/opt/local/include/openssl -DVERSION=\"2.0.15\" sslscan.c -lssl -lcrypto Why is the port doing this and what bits of Makefile do I need to add to the skeleton to make it behave correctly?