Disabling openssl from ports

b. f. bf1783 at googlemail.com
Wed Feb 3 12:57:34 UTC 2010

>OK, this /should/ work.  Add the following to /etc/make.conf:
>.if ${.CURDIR:M*/www/pound}

No, it won't -- at least, if you leave it in make.conf after building
www/pound, it wil break all subsequent rebuilds of all other ports
that depend upon the base system openssl.  Matthew, you ought to know
better ...

>From bsd.openssl.mk:

.if defined(WITH_OPENSSL_BASE)
.if exists(${LOCALBASE}/lib/libcrypto.so)
        @${ECHO_CMD} "Dependency error: this port wants the OpenSSL
library from the FreeBSD"
        @${ECHO_CMD} "base system. You can't build against it, while a newer"
        @${ECHO_CMD} "version is installed by a port."
        @${ECHO_CMD} "Please deinstall the port or undefine WITH_OPENSSL_BASE."

Mixing and matching the different openssl versions can lead to
problems (for one thing, there are too many sloppy
LDFLAGS=-L${LOCALBASE}/lib floating around in different ports), and
you'll have to hack port Makefiles and use ldd(1) or other tools to
verify that your changes work.  You're probably better off just using
one or the  other.  If you still want to try it, then I suggest
installing security/openssl in non-default PREFIX, then patching the
www/pound Makefile so that it doesn't use USE_OPENSSL, and then adding
whatever variables are needed by it's configure script to locate and
link with security/openssl to CONFIGURE_ENV and/or MAKE_ENV, as well
as the proper LIB_DEPENDS on security/openssl.  After doing this and
installing www/pound, if rtld(1) is still loading the base system
openssl when www/pound binaries are executed, or can't find the
security/openssl libraries off in their non-default location, then use
libmap.conf(5) to point (only) the www/pound binaries to the
security/openssl libraries.   You'll have to ensure that your changes
to www/pound's Makefile aren't wiped out by subsequent updates to your
Ports tree, of course.


More information about the freebsd-questions mailing list