Re: using security/openssl in a port

2018-01-05 Thread Eugene Grosbein 
05.01.2018 11:16, Matthew Luckie пишет:
> On 1/5/18 5:09 PM, Eugene Grosbein wrote:
>> On 05.01.2018 09:44, Matthew Luckie wrote:
>>
>>> My main worry is that I could not find a single port that apparently
>>> depends on security/openssl.  I'm worried that its more complicated than
>>> simply declaring a dependency on security/openssl on particular freebsd
>>> versions because other ports that use openssl might link against it
>>> without registering a dependency.  Is my worry misplaced?
>>
>> Why don't you read the Porter's Handbook? It has answers to all your 
>> questions:
>>
>> https://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/uses-ssl.html
> 
> I already said that I considered USES = ssl and that it didn't seem to
> address my concerns.  Can you please point me at a port that depends on
> OpenSSL from ports using USES = ssl (or whatever this page of the
> porters handbook is trying to tell me to do).

For example, net/vtun has this:

.include 

.if ${SSL_DEFAULT:Mopenssl-devel}
BROKEN= Does not build with openssl-devel
.endif

.include 

That is, it stops build if user has specified SSL_DEFAULT=openssl-devel.
You need to stop build if FreeBSD version is old and user has NOT specified
SSL_DEFAULT=openssl (instead of SSL_DEFAULT=base) to build your port with 
security/openssl.





signature.asc
Description: OpenPGP digital signature

Re: using security/openssl in a port

2018-01-05 Thread Mathieu Arnold 
Le 05/01/2018 à 03:11, Matthew Luckie a écrit :
> Hi,
>
> I maintain a port that has a new release which requires openssl 1.0.2 to
> build.  FreeBSD 10.3 and 10.4 both have openssl 1.0.1, and 11 onwards
> have 1.0.2.  Is there a magic way to have this port depend on ports
> openssl for freebsd releases without openssl 1.0.2?  I ran
>
> find /usr/ports -exec grep "security/openssl" {} \; -print
>
> and didn't find anything that I could use as a recipe.  USES = ssl
> doesn't seem to be it either.


You NEVER forcefully depend on security/openssl directly. You USES=ssl,
and you use whatever default is available.  So, in your case, you need
something like this:


.include 

.if ${OSVERSION} < 1100085
BROKEN_SSL=   base
BROKEN_SSL_REASON= Needs OpenSSL 1.0.2+
.endif


-- 
Mathieu Arnold




signature.asc
Description: OpenPGP digital signature

Re: using security/openssl in a port

2018-01-04 Thread Chris H 

On Fri, 5 Jan 2018 17:16:30 +1300 "Matthew Luckie"  said


On 1/5/18 5:09 PM, Eugene Grosbein wrote:
> On 05.01.2018 09:44, Matthew Luckie wrote:
> 
>> My main worry is that I could not find a single port that apparently

>> depends on security/openssl.  I'm worried that its more complicated than
>> simply declaring a dependency on security/openssl on particular freebsd
>> versions because other ports that use openssl might link against it
>> without registering a dependency.  Is my worry misplaced?
> 
> Why don't you read the Porter's Handbook? It has answers to all your

> questions:
> 
>

> 
https://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/uses-ssl.html

I already said that I considered USES = ssl and that it didn't seem to
address my concerns.  Can you please point me at a port that depends on
OpenSSL from ports using USES = ssl (or whatever this page of the
porters handbook is trying to tell me to do).

Thanks,

Matthew

May I humbly suggest that you have a look at ports that near guarantee
an *SSL option? Consider most of the web servers, and scripting languages,
such as; php, python, and Perl. In fact I would venture a guess that most
of the ports in the www category will hint to SSL. As well as the lang
category, where the language is prominently used on the (inter)net.

HTH

--Chris


___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

Re: using security/openssl in a port

2018-01-04 Thread Matthew Luckie 
On 1/5/18 5:09 PM, Eugene Grosbein wrote:
> On 05.01.2018 09:44, Matthew Luckie wrote:
> 
>> My main worry is that I could not find a single port that apparently
>> depends on security/openssl.  I'm worried that its more complicated than
>> simply declaring a dependency on security/openssl on particular freebsd
>> versions because other ports that use openssl might link against it
>> without registering a dependency.  Is my worry misplaced?
> 
> Why don't you read the Porter's Handbook? It has answers to all your 
> questions:
> 
> https://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/uses-ssl.html

I already said that I considered USES = ssl and that it didn't seem to
address my concerns.  Can you please point me at a port that depends on
OpenSSL from ports using USES = ssl (or whatever this page of the
porters handbook is trying to tell me to do).

Thanks,

Matthew



signature.asc
Description: OpenPGP digital signature

Re: using security/openssl in a port

2018-01-04 Thread Eugene Grosbein 
On 05.01.2018 09:44, Matthew Luckie wrote:

> My main worry is that I could not find a single port that apparently
> depends on security/openssl.  I'm worried that its more complicated than
> simply declaring a dependency on security/openssl on particular freebsd
> versions because other ports that use openssl might link against it
> without registering a dependency.  Is my worry misplaced?

Why don't you read the Porter's Handbook? It has answers to all your questions:

https://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/uses-ssl.html


___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

Re: using security/openssl in a port

2018-01-04 Thread Matthew Luckie 
On 01/05/18 15:37, Chris H wrote:
> On Fri, 5 Jan 2018 15:11:00 +1300 "Matthew Luckie"  said
> 
>> Hi,
>>
>> I maintain a port that has a new release which requires openssl 1.0.2 to
>> build.  FreeBSD 10.3 and 10.4 both have openssl 1.0.1, and 11 onwards
>> have 1.0.2.  Is there a magic way to have this port depend on ports
>> openssl for freebsd releases without openssl 1.0.2?  I ran
>>
>> find /usr/ports -exec grep "security/openssl" {} \; -print
>>
>> and didn't find anything that I could use as a recipe.  USES = ssl
>> doesn't seem to be it either.
>>
>> Matthew
> Hello Matthew,
> Have a look at ports/Mk/bsd.port.mk
> In there you will find some clues for defining rules for building
> for specific (bsd)OS versions -- like >=X, or .if OSREL <=XX ...
> As well as only permitting build/install when the correct version
> of security/openssl is found in the systems ports tree.
> It's well commented, and should give you some good options to try.
> It will also give some good clues to search the ports tree for. Where
> you can simply copy someone else's work verbatim. :-)
> 
> You might also try the following alternative for searching;
> cd /usr/ports
> find . | xargs 
> 
> HTH

My main worry is that I could not find a single port that apparently
depends on security/openssl.  I'm worried that its more complicated than
simply declaring a dependency on security/openssl on particular freebsd
versions because other ports that use openssl might link against it
without registering a dependency.  Is my worry misplaced?

Matthew



signature.asc
Description: OpenPGP digital signature

Re: using security/openssl in a port

2018-01-04 Thread Chris H 

On Fri, 5 Jan 2018 15:44:31 +1300 "Matthew Luckie"  said


On 01/05/18 15:37, Chris H wrote:
> On Fri, 5 Jan 2018 15:11:00 +1300 "Matthew Luckie"  said
> 
>> Hi,

>>
>> I maintain a port that has a new release which requires openssl 1.0.2 to
>> build.  FreeBSD 10.3 and 10.4 both have openssl 1.0.1, and 11 onwards
>> have 1.0.2.  Is there a magic way to have this port depend on ports
>> openssl for freebsd releases without openssl 1.0.2?  I ran
>>
>> find /usr/ports -exec grep "security/openssl" {} \; -print
>>
>> and didn't find anything that I could use as a recipe.  USES = ssl
>> doesn't seem to be it either.
>>
>> Matthew
> Hello Matthew,
> Have a look at ports/Mk/bsd.port.mk
> In there you will find some clues for defining rules for building
> for specific (bsd)OS versions -- like >=X, or .if OSREL <=XX ...
> As well as only permitting build/install when the correct version
> of security/openssl is found in the systems ports tree.
> It's well commented, and should give you some good options to try.
> It will also give some good clues to search the ports tree for. Where
> you can simply copy someone else's work verbatim. :-)
> 
> You might also try the following alternative for searching;

> cd /usr/ports
> find . | xargs 
> 
> HTH


My main worry is that I could not find a single port that apparently
depends on security/openssl.  I'm worried that its more complicated than
simply declaring a dependency on security/openssl on particular freebsd
versions because other ports that use openssl might link against it
without registering a dependency.  Is my worry misplaced?

Openssl is a PITA. You *also* have to consider whether the user is using
openssl in $BASE, rather than the ports version. There are many variables
to consider, and I don't envy you on this. :-)

If you get something you think might work, feel free to ask about it. :-)

--Chris


Matthew



___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

Re: using security/openssl in a port

2018-01-04 Thread Chris H 

On Fri, 5 Jan 2018 15:11:00 +1300 "Matthew Luckie"  said


Hi,

I maintain a port that has a new release which requires openssl 1.0.2 to
build.  FreeBSD 10.3 and 10.4 both have openssl 1.0.1, and 11 onwards
have 1.0.2.  Is there a magic way to have this port depend on ports
openssl for freebsd releases without openssl 1.0.2?  I ran

find /usr/ports -exec grep "security/openssl" {} \; -print

and didn't find anything that I could use as a recipe.  USES = ssl
doesn't seem to be it either.

Matthew

Hello Matthew,
Have a look at ports/Mk/bsd.port.mk
In there you will find some clues for defining rules for building
for specific (bsd)OS versions -- like >=X, or .if OSREL <=XX ...
As well as only permitting build/install when the correct version
of security/openssl is found in the systems ports tree.
It's well commented, and should give you some good options to try.
It will also give some good clues to search the ports tree for. Where
you can simply copy someone else's work verbatim. :-)

You might also try the following alternative for searching;
cd /usr/ports
find . | xargs 

HTH

--Chris


___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

Re: using security/openssl in a port

2018-01-04 Thread Eugene Grosbein 
05.01.2018 9:11, Matthew Luckie wrote:

> I maintain a port that has a new release which requires openssl 1.0.2 to
> build.  FreeBSD 10.3 and 10.4 both have openssl 1.0.1, and 11 onwards
> have 1.0.2.  Is there a magic way to have this port depend on ports
> openssl for freebsd releases without openssl 1.0.2?  I ran
> 
> find /usr/ports -exec grep "security/openssl" {} \; -print
> 
> and didn't find anything that I could use as a recipe.  USES = ssl
> doesn't seem to be it either.

https://www.freebsd.org/doc/en/books/porters-handbook/porting-versions.html
https://www.freebsd.org/doc/en/books/porters-handbook/versions-11.html

FreeBSD had openssl-1.0.1 in the base before import of 1.0.2d (1100085),
so use this in the port's Makefile:

.if ${OPSYS} == FreeBSD && ${OSVERSION} < 1100085
# add dependency here
.endif

___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"