From nobody Sun Oct 15 10:41:36 2023
X-Original-To: freebsd-ports@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4S7cHR1LRPz4wlVt
	for <freebsd-ports@mlmmj.nyi.freebsd.org>; Sun, 15 Oct 2023 10:41:39 +0000 (UTC)
	(envelope-from brnrd@freebsd.org)
Received: from smtp-out01.qsp.nl (smtp-out01.qsp.nl [193.254.214.165])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4S7cHQ3N0Bz3FT2
	for <freebsd-ports@freebsd.org>; Sun, 15 Oct 2023 10:41:38 +0000 (UTC)
	(envelope-from brnrd@freebsd.org)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	spf=softfail (mx1.freebsd.org: 193.254.214.165 is neither permitted nor denied by domain of brnrd@freebsd.org) smtp.mailfrom=brnrd@freebsd.org;
	dmarc=none
Received: from smtp.brnrd.eu (5921114a.static.cust.trined.nl [89.33.17.74])
	by smtp01.qsp.nl (Postfix) with ESMTPSA id 621E9151A5
	for <freebsd-ports@freebsd.org>; Sun, 15 Oct 2023 12:41:37 +0200 (CEST)
Received: from mail.bachfreund.nl (unknown [127.12.7.10])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp.brnrd.eu (Postfix) with ESMTPSA id 4S7cHP12wnzFlL
	for <freebsd-ports@freebsd.org>; Sun, 15 Oct 2023 10:41:37 +0000 (UTC)
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-ports
List-Help: <mailto:ports+help@freebsd.org>
List-Post: <mailto:ports@freebsd.org>
List-Subscribe: <mailto:ports+subscribe@freebsd.org>
List-Unsubscribe: <mailto:ports+unsubscribe@freebsd.org>
Sender: owner-freebsd-ports@freebsd.org
X-BeenThere: freebsd-ports@freebsd.org
MIME-Version: 1.0
Date: Sun, 15 Oct 2023 10:41:36 +0000
From: Bernard Spil <brnrd@freebsd.org>
To: freebsd-ports@freebsd.org
Subject: Re: HEADS-UP: security/openssl switching to 3.0 branch
In-Reply-To: <92667a5ea6afeab7ce9c55528af34f49@freebsd.org>
References: <92667a5ea6afeab7ce9c55528af34f49@freebsd.org>
Message-ID: <48b835a442707d7b8db4f4b270c12897@freebsd.org>
X-Sender: brnrd@freebsd.org
Content-Type: text/plain; charset=US-ASCII;
 format=flowed
Content-Transfer-Encoding: 7bit
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.07 / 15.00];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-0.99)[-0.995];
	NEURAL_HAM_MEDIUM(-0.98)[-0.975];
	MIME_GOOD(-0.10)[text/plain];
	MLMMJ_DEST(0.00)[freebsd-ports@freebsd.org];
	DMARC_NA(0.00)[freebsd.org];
	FROM_EQ_ENVFROM(0.00)[];
	MIME_TRACE(0.00)[0:+];
	R_DKIM_NA(0.00)[];
	RCVD_COUNT_TWO(0.00)[2];
	ASN(0.00)[asn:12315, ipnet:193.254.214.0/23, country:NL];
	RCVD_TLS_ALL(0.00)[];
	ARC_NA(0.00)[];
	R_SPF_SOFTFAIL(0.00)[~all:c];
	FROM_HAS_DN(0.00)[];
	FREEFALL_USER(0.00)[brnrd];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	PREVIOUSLY_DELIVERED(0.00)[freebsd-ports@freebsd.org];
	MID_RHS_MATCH_FROM(0.00)[];
	TO_DN_NONE(0.00)[];
	TO_DOM_EQ_FROM_DOM(0.00)[]
X-Rspamd-Queue-Id: 4S7cHQ3N0Bz3FT2

On 2023-10-06 11:43, Bernard Spil wrote:
> Hi all,
> 
> In line with FreeBSD 14.0 that has OpenSSL 3.0 in base, all ports are 
> expected to work with this version.
> 
> The following changes will be made between first Release Candidate (RC) 
> and actual RELEASE of FreeBSD 14.0:
> 
> security/openssl    updated from 1.1.1w to 3.0.11
> security/openssl30  removed
> security/openssl111 created with version (1.1.1w)
> UPDATING            an entry about updating all ports for the SHLIBVER 
> bump will be added
> MOVED               an entry for security/openssl30 with target 
> security/openssl will be created
> 
> The security/openssl111 port will be marked "DEPRECATED" in line with 
> statements from the OpenSSL project about the End-of-Life for the 1.1.1 
> branch. No "EXPIRATION_DATE" will be set for now.
> 
> With kind regards, Bernard Spil <brnrd@FreeBSD.org>

Hi all,

DEFAULT_VERSIONS+= openssl is now OpenSSL 3.0.11 (openssl-3.0.11,1)

Quick search in ports tree uncovers the following ports that seem to 
require 1.1.1. I'm chasing them down and adapting the BROKEN_SSL 
versions, but not making them require openssl111 at the moment. Expect a 
commit soon.

audio/umurmur/Makefile:31:BROKEN_SSL=   openssl30 openssl31
audio/murmur/Makefile:17:BROKEN_SSL=    openssl30 openssl31
audio/spotify-tui/Makefile:294:BROKEN_SSL=      base openssl30 openssl31
net/gq/Makefile:48:BROKEN_SSL=  base openssl openssl30 openssl31
mail/enma/Makefile:19:BROKEN_SSL=       openssl30 openssl31
sysutils/vector/Makefile:568:BROKEN_SSL=        base openssl30 openssl31
sysutils/flowgger/Makefile:18:#BROKEN_SSL=      openssl30 openssl31
www/castor/Makefile:133:BROKEN_SSL=     base openssl30 openssl31
www/rearx/Makefile:177:BROKEN_SSL=      base openssl30 openssl31
net-im/telegram-desktop/Makefile:16:BROKEN_SSL= openssl30 openssl31
archivers/xar/Makefile:18:BROKEN_SSL=   openssl30 openssl31
devel/kore/Makefile:13:BROKEN_SSL=      openssl30 openssl31
devel/gbump/Makefile:20:BROKEN_SSL=     openssl30 openssl31
devel/gbump/Makefile:69:BROKEN_SSL=     base openssl30 openssl31
devel/ptlib/Makefile:17:BROKEN_SSL=     openssl30 openssl31
security/pkcs11-tools/Makefile:16:BROKEN_SSL=   libressl openssl30 
openssl31
security/pkcs11-tools/Makefile:18:BROKEN_SSL_REASON_openssl30=  error: 
undefined symbol: EVP_PKEY_*
security/p5-Filter-Crypto/Makefile:19:BROKEN_SSL=       openssl30 
openssl31
security/krb5-119/Makefile:28:BROKEN_SSL=       openssl30 openssl31
security/proxytunnel/Makefile:18:BROKEN_SSL=    openssl30 openssl31
security/py-nassl/Makefile:14:BROKEN_SSL=       openssl30 openssl31
security/gost-engine/Makefile:69:BROKEN_SSL+=   openssl30 # openssl31