svn commit: r515574 - head/security/cyrus-sasl2

Mathieu Arnold mat at FreeBSD.org
Tue Nov 5 13:47:12 UTC 2019 

On Tue, Nov 05, 2019 at 02:12:22PM +0100, Baptiste Daroussin wrote:
> On Fri, Oct 25, 2019 at 03:21:17AM +0000, Eugene Grosbein wrote:
> > Author: eugen
> > Date: Fri Oct 25 03:21:16 2019
> > New Revision: 515574
> > URL: https://svnweb.freebsd.org/changeset/ports/515574
> > 
> > Log:
> >   security/cyrus-sasl2: unbreak building with stock OpenSSL for stable/11
> >   
> >   Sendmail bundled with FreeBSD has SASL support and the Handbook tells
> >   how to rebuild the Sendmail with SASL enabled if you have installed
> >   cyrus-sasl2 that links with OpenSSL's libcrypto.
> >   
> >   Sendmail uses old OpenSSL 1.0.2 API, so cyrus-sasl2 should be built
> >   with stock libcrypto even if newer OpenSSL is installed for Ports.
> >   
> >   This change adds new option SSL to the port (enabled by default).
> >   If disabled, cyrus-sasl2 is built witch stock libcrypto not depending
> >   on ports version of OpenSSL.
> >   
> >   PORTREVISION not changed as default build is not affected.
> > 
> > Modified:
> >   head/security/cyrus-sasl2/Makefile
> >   head/security/cyrus-sasl2/Makefile.common
> > 
> > Modified: head/security/cyrus-sasl2/Makefile
> > ==============================================================================
> > --- head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:15:48 2019	(r515573)
> > +++ head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:21:16 2019	(r515574)
> > @@ -11,13 +11,14 @@ CYRUS_CONFIGURE_ARGS=	--with-saslauthd=${SASLAUTHD_RUN
> >  
> >  NO_OPTIONS_SORT=	yes
> >  OPTIONS_DEFINE=		ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \
> > -			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR
> > +			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR SSL
> >  OPTIONS_RADIO=		SASLDB
> >  OPTIONS_RADIO_SASLDB=	BDB1 BDB GDBM LMDB
> >  OPTIONS_GROUP=		PLUGIN
> >  OPTIONS_GROUP_PLUGIN=	ANONYMOUS CRAM DIGEST LOGIN NTLM OTP PLAIN SCRAM
> >  OPTIONS_DEFAULT=	ANONYMOUS AUTHDAEMOND BDB1 OBSOLETE_CRAM_ATTR CRAM \
> > -			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM
> > +			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM \
> > +			SSL
> >  OPTIONS_SUB=		yes
> >  ALWAYSTRUE_DESC=	Alwaystrue password verifier (discouraged)
> >  ALWAYSTRUE_CONFIGURE_ENABLE=alwaystrue
> > @@ -61,6 +62,8 @@ PLAIN_DESC=		PLAIN authentication
> >  PLAIN_CONFIGURE_ENABLE=	plain
> >  SCRAM_DESC=		SCRAM authentication
> >  SCRAM_CONFIGURE_ENABLE=	scram
> > +SSL_DESC=		Uncheck this to use system openssl libraries
> > +SSL_USES=		ssl
> >  
> I don't think this is the right approach.
> 
> 1/ the option (double negative) is confusing.
> 2/ the default on for it makes it depends always on ports openssl, and mixing
> port openssl and base openssl is always a mess for end users.

Mmmm, unless I am missing something, I think you are both wrong.
USES=ssl means "this port uses openssl", it does absolutely nothing
about using openssl from ports or from the base system, this is left to
the user by setting DEFAULT_VERSIONS+=ssl=xxx in their make.conf.

-- 
Mathieu Arnold
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-ports-all/attachments/20191105/8be172f0/attachment.sig>

More information about the svn-ports-all mailing list