Subject: pkg/18157: openssl buildlink (DEPENDS in general!?) doesn't work properly
To: None <gnats-bugs@gnats.netbsd.org>
From: None <tv@pobox.com>
List: netbsd-bugs
Date: 09/03/2002 12:49:00
>Number: 18157
>Category: pkg
>Synopsis: openssl buildlink (DEPENDS in general!?) doesn't work properly
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Sep 03 09:48:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Todd Vierling
>Release: NetBSD 1.6
>Organization:
DUH.ORG: Pointing out the obvious since 1994.
>Environment:
>Description:
When trying to build a package that depends on openssl via buildlink (say,
"lynx"), the dependency on security/openssl now kicks in because the base
system version doesn't contain the "SA fix". However, if the
ACCEPTABLE_LICENSES is not correct for openssl, its build fails.
This *SHOULD* make the build of the dependent package fail ... yet it
happily goes about building using the base system's openssl and simply
throws up warnings about "no package matching openssl>=..." at install
time. Whee! The "SA fix" didn't fix.
(I've now updated my base system, so this doesn't happen anymore, but this
may point to a much larger DEPENDS deficiency that needs fixing fast.
Hence the critical/high severity/priority.)
>How-To-Repeat:
Install lynx from pkgsrc on a pre-1.6_RC2 system with ACCEPTABLE_LICENSES
unset.
>Fix:
pkgsrc team's department.
>Release-Note:
>Audit-Trail:
>Unformatted: