Re: curl and nginx no longer build on same host

Euan Thoms euan at
Mon Jul 18 20:37:04 UTC 2016

On Tuesday, July 19, 2016 04:03 SGT, Kevin Oberman <rkoberman at> wrote: 
> On Mon, Jul 18, 2016 at 12:45 PM, Euan Thoms <euan at> wrote:
> >
> > On Saturday, July 16, 2016 20:43 SGT, Jim Ohlstein <jim at> wrote:

> >
> > OK, I understand. And I'm glad we're heading somewhere where we will have
> > more consistency. I just feel that we shouldn't need anything in
> > /etc/make.conf unless we are exerting some extra control and using
> > non-default options. I've managed to get away without anything in
> > /etc/make.conf on all my jails, collectively they install quite a range of
> > software types.
> >
> > Are you sure that WITH_OPENSSL_PORT isn't deprecated. I got some warnings
> > to that effect. So I've been using USES+=ssl=openssl instead. Perhaps
> > that's part of the problem, maybe the ftp/curl port is still using the
> > older make.conf flag. I'll try it next time I update.
> >
> > Thanks Jim.
> >

> Yes and no. WITH_OPENSSL_PORT in make,conf has been deprecated. It should
> still work, but you should update to the new syntax. If you do use it, you
> should see the following:
> "Using WITH_OPENSSL_PORT in make.conf is deprecated, replace it with
> DEFAULT_VERSIONS+=ssl=openssl in your make.conf"
> To avoid conflicting SSL libraries in different ports, it is bast to put
> the "DEFAULT_VERSIONS+=ssl=openssl" in /etc/make.conf. If you use base
> OpsnSSL in some ports that create shareable libraries and the ports version
> in others, you will eventually hit an executable, possibly from a third
> port, that is linked to both and those programs will not run.

OK, I'm clear about the make.conf options and what they mean. But I still have a problem in that even if I use DEFAULT_VERSIONS+=ssl=openssl, ftp/curl will not build, certainly not with portmaster and I think I tried building it manually from inside it's ports directory.

/usr/ports/ftp/curl]# make
===>  curl-7.49.1 GSSAPI_BASE is not compatible with OpenSSL from ports. Use
other GSSAPI options or OpenSSL from base system.
*** Error code 1

make: stopped in /usr/ports/ftp/curl

So basically, I'd have to change one of the GSSAPI options in ftp/curl. Except I haven't got a clue on the ramifications of this. Do I need GSSAPI? If so, should I use Heimdal or MIT?

So you see my point, it's not friendly on new FreeBSD users. I'm a fairly experienced FreeBSD sys-adimin and I don't know what to do in this case.

At least I now know that there is a good reason to not have on port built against base openssl and another built against ports openssl. 
Regards, Euan Thoms 

More information about the freebsd-ports mailing list