Re: SSL configured wrong for DragonFly. How can it be fixed?

To: marino%netbsd.org@localhost
Subject: Re: SSL configured wrong for DragonFly. How can it be fixed?
From: Jonathan Perkin <jperkin%joyent.com@localhost>
Date: Fri, 25 Nov 2016 16:06:04 +0000

* On 2016-11-25 at 15:06 GMT, John Marino wrote:

> On 11/25/2016 01:56, Jonathan Perkin wrote:
> > * On 2016-11-25 at 00:03 GMT, John Marino wrote:
> > 
> > > pkgsrc assumes OpenSSL base at /usr:
> > > security/openssl/builtin.mk:127:BUILDLINK_PREFIX.openssl= /usr
> > > 
> > > This assumption is wrong for DragonFly which has a private OpenSSL library
> > > only for base use.  pkgsrc is supposed to build and use its own OpenSSL.
> > > 
> > > The BUILDLINK_PREFIX.openssl is hardcoded. What's the proper fix for pkgsrc?
> > > (Yes, I know I can patch it in pkgsrc-synth).
> > 
> > pkgsrc will only enable a builtin if it finds the necessary libraries
> > and headers in the base system.
> 
> Unfortunately this statement isn't true at all.
> 1. It only checks for headers, not libraries
> 2. It arrives at the wrong value at all these examples (termcap, curses,
> readline, openssl).  It seems not to consider the possibility that no base
> library exists at all.

Ok, so let's fix that.  Try this (untested):

Index: security/openssl/builtin.mk
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssl/builtin.mk,v
retrieving revision 1.43
diff -u -r1.43 builtin.mk
--- security/openssl/builtin.mk	26 Mar 2015 08:05:02 -0000	1.43
+++ security/openssl/builtin.mk	25 Nov 2016 16:04:31 -0000
@@ -16,7 +16,10 @@
 .if !defined(IS_BUILTIN.openssl)
 IS_BUILTIN.openssl=	no
 .  if empty(H_OPENSSLV:M__nonexistent__) && empty(H_OPENSSLV:M${LOCALBASE}/*)
+.    if ${BUILTIN_LIB_FOUND.crypto:tl} == "yes" && \
+        ${BUILTIN_LIB_FOUND.ssl:tl} == "yes"
 IS_BUILTIN.openssl=	yes
+.    endif
 .  endif
 .endif
 MAKEVARS+=	IS_BUILTIN.openssl

> > This is performed using the
> > BUILTIN_FIND_* variables defined in security/openssl/builtin.mk.  If
> > those tests aren't satisfied and IS_BUILTIN.openssl=no then pkgsrc
> > will not use the builtin, even if you ask it to.
> 
> yet that it does.  The point of the original post is that those tests are
> insufficient, which may have been unknown to everyone but me and wiz.

It wasn't clear, no.

Regards,

-- 
Jonathan Perkin  -  Joyent, Inc.  -  www.joyent.com

References:
- SSL configured wrong for DragonFly. How can it be fixed?
  - From: John Marino
- Re: SSL configured wrong for DragonFly. How can it be fixed?
  - From: Jonathan Perkin
- Re: SSL configured wrong for DragonFly. How can it be fixed?
  - From: John Marino

Prev by Date: glib2 on linux
Next by Date: Get rsync to respect the nodump flag?
Previous by Thread: Re: SSL configured wrong for DragonFly. How can it be fixed?
Next by Thread: ncursesw: Problems with displaying wide chars
Indexes:

Home | Main Index | Thread Index | Old Index