Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 12 May 2015 03:52:10 -0700
From:      Yuri <yuri@rawbw.com>
To:        "Dr. Peter Voigt" <pvoigt@uos.de>
Cc:        freebsd-ports@freebsd.org
Subject:   Re: www/firefox really depends on security/openssl?
Message-ID:  <5551DB5A.7090508@rawbw.com>
In-Reply-To: <20150512112505.5f36f0b2@kirk.drpetervoigt.private>
References:  <20150509125643.0bda93e6@kirk.drpetervoigt.private> <554EEBB5.8010304@rawbw.com> <20150511202110.34e6e29c@kirk.drpetervoigt.private> <55510C22.9050900@rawbw.com> <20150512000259.32a44ec4@kirk.drpetervoigt.private> <55512E8F.8040508@rawbw.com> <20150512022857.7230c163@kirk.drpetervoigt.private> <55515251.5040503@rawbw.com> <20150512112505.5f36f0b2@kirk.drpetervoigt.private>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 05/12/2015 02:25, Dr. Peter Voigt wrote:
> Therefore I conclude:
>
> - Installing binary packages with pkg does not honor the
>    WITH_OPENSSL_BASE=yes switch. Is there another place to tell pkg to
>    use base openssl when doing binary installations?
Binary packages are built with default choices for port options. These 
choices are fixed, and don't depend on your choice of 
WITH_OPENSSL_BASE=yes in ports.
Also this option WITH_OPENSSL_BASE=yes should be deprecated ASAP in all 
ports, except maybe very few.

>
> - If port openssl is not present on a system, any dependency to openssl
>    is not detected by porttree.

OpenSSL is an oddball, because USE_OPENSSL is interpreted in a weird way 
that it tries to detect its port presence and link with it, so standard 
packages are often built with base SSL which is a problem.
This has been discussed, but I am not sure of when this will be fixed.

In short, as I also mentioned before, you won't be able to get rid of 
OpenSSL port because some packages require it unconditionally. So the 
best strategy is to use OpenSSL port for everything. You will likely be 
successful if you build them yourself from ports, and fix places where 
base SSL comes into play.

Yuri

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5551DB5A.7090508>