Breaking SSL options: Which to use to build 1000 ports?
Julian H. Stacey
jhs at berklix.com
Wed Nov 30 18:36:00 UTC 2016
Hi ports at freebsd.org
Advice Please:
I need some SSL settings I can compile 1000 ports with.
I dont care which SSL. (Any of eg base from src/ or any from devel/ )
I dont care if SSL fails to run on most ports.
I need 1000 ports to compile & install, & stop wasting my time with SSL.
SSL will not even be used in most cases,
Here's a small subset of ever growing DUDS= fail to build because of SSL:
arandr fetchmail fvwm2 xf86-input-keyboard xf86-input-mouse
xf86-video-chips xf86-video-fbdev xf86-video-neomagic
xf86-video-vesa xorg xorg-apps xorg-server
I make ports from sources, never packages, using ports/*/Makefile.local
with SUBDIR+= ports_i_want
I purged some old old duplicate bins & libs, & now need to do eg
cd /usr/ports ; make BERKLIX_CLIENT=YES BERKLIX_SERVER=YES install
Lots of ports fail to build, no matter which SSL options I try,
currently (with make.conf below) I'm seeing a dependent port eg:
cd /usr/ports/security/p5-GSSAPI ; make
===> p5-GSSAPI-0.28_1 You are using OpenSSL from ports and have selected
GSSAPI from base, please select another GSSAPI value.
I can't revert to src/ base as loads of ports want devel/openssl
pkg delete openssl-1.0.2j_1,1 # Number of packages to be removed: 149
FreeBSD's SSL defaults seem a mess : complex, breaking on loads
of ports, inadequately documented, insufficiently clear error messages.
My current /etc/make.conf:
----------------
# GSSAPI: Generic Security Services Application Program Interface
# http://en.wikipedia.org/wiki/Generic_Security_Services_Application_Program_Interface
# /usr/ports/Mk/Uses/gssapi.mk:
# You are using OpenSSL from ports and have selected
# GSSAPI from base, please select another GSSAPI value.
# cd /usr/ports/security/openssl; echo ../*ssl*
# SSL_DEFAULT=base # Disapproved of by
# /usr/ports/Mk/bsd.default-versions.mk
# which instead reccomends:
# DEFAULT_VERSIONS+=ssl=base
# DEFAULT_VERSIONS+=ssl=openssl
# Possible values: base, openssl, openssl-devel, libressl, libressl-devel
# & also has:
# WITH_OPENSSL_*
DEFAULT_VERSIONS+=ssl=openssl
# WITH_OPENSSL="YES"
# WITH_OPENSSL="openssl"
# WITH_OPENSSL_PORT="YES"
# WITH_OPENSSL_PORT="openssl"
# SEE ALSO
# /etc/src.conf (used only by src/),
# whereas this make.conf used by both src/ & ports/.
# https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/openssl.html
# WITH_OPENSSL_PORT WITH_OPENSSL_BASE
# man 7 ports
# /usr/ports/Mk/Uses/gssapi.mk
----------------
Advice welcome, Thanks !
Cheers,
Julian
--
Julian Stacey, BSD Linux Unix Sys Eng Consultant Munich
Reply below, Prefix '> '. Plain text, No .doc, base64, HTML, quoted-printable.
http://berklix.eu/brexit/#stolen_votes
More information about the freebsd-ports
mailing list