ports/182985 maintainer timeout

Scot Hetzel swhetzel at gmail.com
Fri Mar 7 07:49:19 UTC 2014

On Thu, Mar 6, 2014 at 8:05 PM, Darren Pilgrim <darren at laskoprinting.com> wrote:
> On 3/6/2014 3:07 PM, Mark Felder wrote:
>> Hi Darren,
>> I'm trying to understand exactly what we're looking at here. Is the
>> problem:
>> "nginx always builds against OpenSSL in base (for FreeBSD 10+?)" ?
>> If so, that's correct; it should not build against OpenSSL from ports
>> just because the version from ports happens to be installed.
> No, actually, that's exactly what it should do.  If I install OpenSSL from
> ports and set WITH_OPENSSL_PORT in /etc/make.conf, the express intent is to
> require all OpenSSL-using ports to link to the ports version.
> Nginx with SPDY needs NPN, which means OpenSSL 1.0.1 or later.  Thus for 9.x
> and earlier we need to set WITH_OPENSSL_PORT.  For 10.0 and later, both
> versions will work, so the correct behaviour for nginx is to say it does not
> specifically require either by not setting either WITH_OPENSSL_* variable.

Darren is correct, the intent of bsd.openssl.mk is to build using the
security/openssl port when WITH_OPENSSL_PORT is defined in
/etc/make.conf by the local administrator.  What the www/nginx port
does is it forces the build to always use the base version when
${OSVERSION} >= 1000028 by setting WITH_OPENSSL_BASE.  The port should
not be doing this.


No electrons were maimed while sending this message. Only slightly bruised.

More information about the freebsd-ports mailing list