svn commit: r515574 - head/security/cyrus-sasl2
Baptiste Daroussin
bapt at FreeBSD.org
Tue Nov 5 13:52:09 UTC 2019
On Tue, Nov 05, 2019 at 02:47:10PM +0100, Mathieu Arnold wrote:
> On Tue, Nov 05, 2019 at 02:12:22PM +0100, Baptiste Daroussin wrote:
> > On Fri, Oct 25, 2019 at 03:21:17AM +0000, Eugene Grosbein wrote:
> > > Author: eugen
> > > Date: Fri Oct 25 03:21:16 2019
> > > New Revision: 515574
> > > URL: https://svnweb.freebsd.org/changeset/ports/515574
> > >
> > > Log:
> > > security/cyrus-sasl2: unbreak building with stock OpenSSL for stable/11
> > >
> > > Sendmail bundled with FreeBSD has SASL support and the Handbook tells
> > > how to rebuild the Sendmail with SASL enabled if you have installed
> > > cyrus-sasl2 that links with OpenSSL's libcrypto.
> > >
> > > Sendmail uses old OpenSSL 1.0.2 API, so cyrus-sasl2 should be built
> > > with stock libcrypto even if newer OpenSSL is installed for Ports.
> > >
> > > This change adds new option SSL to the port (enabled by default).
> > > If disabled, cyrus-sasl2 is built witch stock libcrypto not depending
> > > on ports version of OpenSSL.
> > >
> > > PORTREVISION not changed as default build is not affected.
> > >
> > > Modified:
> > > head/security/cyrus-sasl2/Makefile
> > > head/security/cyrus-sasl2/Makefile.common
> > >
> > > Modified: head/security/cyrus-sasl2/Makefile
> > > ==============================================================================
> > > --- head/security/cyrus-sasl2/Makefile Fri Oct 25 03:15:48 2019 (r515573)
> > > +++ head/security/cyrus-sasl2/Makefile Fri Oct 25 03:21:16 2019 (r515574)
> > > @@ -11,13 +11,14 @@ CYRUS_CONFIGURE_ARGS= --with-saslauthd=${SASLAUTHD_RUN
> > >
> > > NO_OPTIONS_SORT= yes
> > > OPTIONS_DEFINE= ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \
> > > - OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR
> > > + OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR SSL
> > > OPTIONS_RADIO= SASLDB
> > > OPTIONS_RADIO_SASLDB= BDB1 BDB GDBM LMDB
> > > OPTIONS_GROUP= PLUGIN
> > > OPTIONS_GROUP_PLUGIN= ANONYMOUS CRAM DIGEST LOGIN NTLM OTP PLAIN SCRAM
> > > OPTIONS_DEFAULT= ANONYMOUS AUTHDAEMOND BDB1 OBSOLETE_CRAM_ATTR CRAM \
> > > - OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM
> > > + OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM \
> > > + SSL
> > > OPTIONS_SUB= yes
> > > ALWAYSTRUE_DESC= Alwaystrue password verifier (discouraged)
> > > ALWAYSTRUE_CONFIGURE_ENABLE=alwaystrue
> > > @@ -61,6 +62,8 @@ PLAIN_DESC= PLAIN authentication
> > > PLAIN_CONFIGURE_ENABLE= plain
> > > SCRAM_DESC= SCRAM authentication
> > > SCRAM_CONFIGURE_ENABLE= scram
> > > +SSL_DESC= Uncheck this to use system openssl libraries
> > > +SSL_USES= ssl
> > >
> > I don't think this is the right approach.
> >
> > 1/ the option (double negative) is confusing.
> > 2/ the default on for it makes it depends always on ports openssl, and mixing
> > port openssl and base openssl is always a mess for end users.
>
> Mmmm, unless I am missing something, I think you are both wrong.
> USES=ssl means "this port uses openssl", it does absolutely nothing
> about using openssl from ports or from the base system, this is left to
> the user by setting DEFAULT_VERSIONS+=ssl=xxx in their make.conf.
>
You are right. To be honnest I have only read the commit log ;)
Best regards
Bapt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-ports-all/attachments/20191105/768cdca7/attachment.sig>
More information about the svn-ports-all
mailing list