svn commit: r515574 - head/security/cyrus-sasl2

Eugene Grosbein eugen at freebsd.org
Wed Nov 6 00:29:59 UTC 2019 

05.11.2019 20:12, Baptiste Daroussin wrote:

> On Fri, Oct 25, 2019 at 03:21:17AM +0000, Eugene Grosbein wrote:
>> Author: eugen
>> Date: Fri Oct 25 03:21:16 2019
>> New Revision: 515574
>> URL: https://svnweb.freebsd.org/changeset/ports/515574
>>
>> Log:
>>   security/cyrus-sasl2: unbreak building with stock OpenSSL for stable/11
>>   
>>   Sendmail bundled with FreeBSD has SASL support and the Handbook tells
>>   how to rebuild the Sendmail with SASL enabled if you have installed
>>   cyrus-sasl2 that links with OpenSSL's libcrypto.
>>   
>>   Sendmail uses old OpenSSL 1.0.2 API, so cyrus-sasl2 should be built
>>   with stock libcrypto even if newer OpenSSL is installed for Ports.
>>   
>>   This change adds new option SSL to the port (enabled by default).
>>   If disabled, cyrus-sasl2 is built witch stock libcrypto not depending
>>   on ports version of OpenSSL.
>>   
>>   PORTREVISION not changed as default build is not affected.
>>
>> Modified:
>>   head/security/cyrus-sasl2/Makefile
>>   head/security/cyrus-sasl2/Makefile.common
>>
>> Modified: head/security/cyrus-sasl2/Makefile
>> ==============================================================================
>> --- head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:15:48 2019	(r515573)
>> +++ head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:21:16 2019	(r515574)
>> @@ -11,13 +11,14 @@ CYRUS_CONFIGURE_ARGS=	--with-saslauthd=${SASLAUTHD_RUN
>>  
>>  NO_OPTIONS_SORT=	yes
>>  OPTIONS_DEFINE=		ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \
>> -			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR
>> +			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR SSL
>>  OPTIONS_RADIO=		SASLDB
>>  OPTIONS_RADIO_SASLDB=	BDB1 BDB GDBM LMDB
>>  OPTIONS_GROUP=		PLUGIN
>>  OPTIONS_GROUP_PLUGIN=	ANONYMOUS CRAM DIGEST LOGIN NTLM OTP PLAIN SCRAM
>>  OPTIONS_DEFAULT=	ANONYMOUS AUTHDAEMOND BDB1 OBSOLETE_CRAM_ATTR CRAM \
>> -			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM
>> +			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM \
>> +			SSL
>>  OPTIONS_SUB=		yes
>>  ALWAYSTRUE_DESC=	Alwaystrue password verifier (discouraged)
>>  ALWAYSTRUE_CONFIGURE_ENABLE=alwaystrue
>> @@ -61,6 +62,8 @@ PLAIN_DESC=		PLAIN authentication
>>  PLAIN_CONFIGURE_ENABLE=	plain
>>  SCRAM_DESC=		SCRAM authentication
>>  SCRAM_CONFIGURE_ENABLE=	scram
>> +SSL_DESC=		Uncheck this to use system openssl libraries
>> +SSL_USES=		ssl
>>  
> I don't think this is the right approach.
> 
> 1/ the option (double negative) is confusing.

I'm open for naming suggestions as English is not my native language.

> 2/ the default on for it makes it depends always on ports openssl, and mixing
> port openssl and base openssl is always a mess for end users.

You skipped part of change for security/cyrus-sasl2/Makefile.common
I've just moved unconditional USES+=ssl from that file, so default ON does not change anything,
no mixing.

More information about the svn-ports-all mailing list