what to do when base openssl isn't suitable

Gerard Seibert carmel_ny at outlook.com
Sun Jul 3 17:38:44 UTC 2016

On Sun, 3 Jul 2016 18:27:45 +0200, Mathieu Arnold stated:

>+--On 1 juillet 2016 11:59:18 -0700 Don Lewis <truckman at FreeBSD.org>
>wrote: | I've got a port that does not work with base openssl because
>it looks | for libssl.pc.  Other than that, I don't think it is picky
>about what | flavor of ports ssl is installed.  Because the default
>version of ssl | still defaults to base, I don't see a way to get this
>port to build on | the cluster, so there is no way to provide binary
>packages.  That's a | problem for end users because this port has
>bunch of huge build | dependencies.  Thoughts?
>Right now, you put int he port's Makefile (it always was wrong to do
>so, but so many are doing it...):
>This summer, I'll change the default OpenSSL from base to
>security/openssl, and at that point, I will remove all the
>WITH_OPENSSL_PORT for a check with SSL_DEFAULT (that will get the port
>ignored if it the wrong SSL is used.) It needs some work WRT GSSAPI to
>make sure a sane default is choosen if building with ports openssl.
>And then, in the near future, I'll remove support for base openssl and
>gssapi in the ports tree, so that everything is always built with

Sounds like a sane plan to me. I have always hated the duplication of
applications in ports and base. In almost all cases, the "base"
application is older than the port version. Updating it is more work,
and inevitable a conflict arises.


More information about the freebsd-ports mailing list