base components should always be default (Re: change in default openssl coming)

Guido Falsi mad at
Sat Jul 9 10:50:01 UTC 2016

On 07/09/16 12:19, Gerard Seibert wrote:
> On Sat, 9 Jul 2016 10:32:35 +0200, Wojciech Puchar stated:
>> Why openssl is a part of base system at all?
> Interesting question. Perl was removed from the base system years ago
> with no ill affects.

There's a kerberos implementation in base which requires OpenSSL.

libfetch and fetch also require it to access the https sites I can imagine.

svnlite also links to it. (needed for svn+https://)

Most probably also other parts I'm not thinking about.

Completely removing OpenSSL from base requires replacing it with some
other SSL implementation, or removing a lot of other goodies which
interface themselves with the external world from base.

With this change it could be possible to make the base bundled OpenSSL
(or equivalent) a private library never seen by ports (with the
exception of pkg, which also needs it and cannot depend on another
port), which is as near as you can get to removing it.

Such a change would make it easier to update or change it, since it's
not an exposed API/ABI anymore at that point and so not restricted from

Guido Falsi <mad at>

More information about the freebsd-ports mailing list