Pourdriere produces faulty build results due to bsd.openssl.mk bug

Guido Falsi mad at madpilot.net
Wed Apr 1 21:37:41 UTC 2015

On 04/01/15 23:21, Yuri wrote:
> On 04/01/2015 14:17, Jung-uk Kim wrote:
>> I know bsd.openssl.mk has been broken for very long time.  For example,
>> http://docs.freebsd.org/cgi/mid.cgi?50108FEF.3030405
>> However, I am not sure whether entirely removing it is the best way
>> going forward.
> I mean, removing of the dependency on base. Ports should use only
> openssl port.
> If you think this isn't a good idea, and ports should still occasionally
> use base openssl, would you care to explain why you think so?

I'm not in the position of taking such decisions, but based on some
experience and quick tests I have discovered that changing the default
would cause ports now working to break.

I generally agree with your idea that ports should use ports ssl, but
making this switch is more difficult than just changing a variable. Some
real testing is needed, and just exp-runs would not suffice, most
software would show misbehavior only at runtime.

Some examples of things that could (and will) go wrong:

- ports silently linking to base ssl due to weirdness in their build scripts

- ports linking to other libraries in base which are linked to base ssl,
causing conflicts

- ports interacting with base parts, which are using base ssl.

All this without accounting for eventual ports who do need older ssl to
work, causing further mixing.

I have experienced or seen reports about all tree examples. Also, you
could have a look at this bug:


Guido Falsi <mad at madpilot.net>

More information about the freebsd-ports mailing list