Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 08 Aug 2014 14:44:53 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-python@FreeBSD.org
Subject:   [Bug 192511] [patch]  fix lang/python27 build with libressl
Message-ID:  <bug-192511-17421-aZPWDpxlQ8@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-192511-17421@https.bugs.freebsd.org/bugzilla/>
References:  <bug-192511-17421@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192511

--- Comment #2 from meyer.arne83@gmail.com ---
(In reply to Marcus von Appen from comment #1)
> Root problem:
> As soon as libressl is installed via ports, lang/pythonXX and other ports
> will try to pick it up, most likely due to the include and linker flags
> order. This is problematic in two regards:
> 
> * lang/python27 does not have an explicit BUILD/RUN_DEPENDS on libressl,
> since libressl is not officially supported by upstream (yet)
> * libressl is API and ABI incompatible with OpenSSL, so depending on the
> system status (libressl installed or not), python will take the one or other.
> 
> I do not like the patch, since it would disable the function for both,
> OpenSSL and libressl and thus effectively change the behaviour of
> lang/pythonXX.
Does RAND_egd even work on FreeBSD? 
I also tried to preserve the python ssl api by having PySSL_RAND_egd just
return an error. So I don't think it's behaviour has changed. Might have missed
something, tho.
> We need to get two things right:
> 
> * handle OpenSSL support correctly and explicitly use OpenSSL, so that an
> installed SSL replacement does not cause a wrong and unintended behaviour
> * offer users to link against libressl explicitly (via an OPTION), which can
> cause different behaviour.
How about this:
* Add smt. like WITH_OPENSSL_LIBRE and some logic to bsd.openssl.mk
* Have the libressl port fail to build without that flag set.
* Add a static library or c file with dummy functions(RAND_egd, ...) to
libressl.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-192511-17421-aZPWDpxlQ8>