lighttpd does not pull OpenSSL dependency
David Demelier
demelier.david at gmail.com
Thu Oct 27 12:49:12 UTC 2016
2016-10-27 11:00 GMT+02:00 Mathieu Arnold <mat at freebsd.org>:
> Before changing the default, though, I need to change the way GSSAPI is
> handled, and create a DEFAULT_VERSIONS+=gssapi=<base,mit,heimdal,...>
> and change all the ports with the USES=gssapi that gives options to the
> users.
> But I don't use all of that, so I need help figuring out which should be
> the default afterwards (it can't be base, because you can't mix base
> heimdal with non base openssl)
I've just tested my lighttpd package into a fresh jail, it has not
installed openssl and the lighttpd binary was using /usr/lib/libssl
from base instead.
There is indeed something wrong then, because if I install openssl,
lighttpd will use one from /usr/local/lib which is terrible as we have
no guarantee about openssl ABI compatibility.
I don't know much linker options, but it is possible to make absolute
shared library dependency ? Like -l/usr/lib/libssl.so instead of
-lssl. Will this force lighttpd to use openssl from base?
That's what I dislike in having some software in base and also in
ports. We need to figure out that. Or the best is to avoid having too
much software in base. For example, it's nice to have ssh in base, but
I have no problem if we need to install it in the next years. This
will also have the benefits of more recent versions.
By the way, for what openssl is needed in base?
Regards,
--
Demelier David
More information about the freebsd-ports
mailing list