From owner-freebsd-questions@FreeBSD.ORG Sat Mar 3 13:31:45 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EA956106564A for ; Sat, 3 Mar 2012 13:31:44 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: from mail-yx0-f182.google.com (mail-yx0-f182.google.com [209.85.213.182]) by mx1.freebsd.org (Postfix) with ESMTP id 8E08E8FC15 for ; Sat, 3 Mar 2012 13:31:44 +0000 (UTC) Received: by yenl9 with SMTP id l9so1081242yen.13 for ; Sat, 03 Mar 2012 05:31:44 -0800 (PST) Received-SPF: pass (google.com: domain of jerry@seibercom.net designates 10.236.157.10 as permitted sender) client-ip=10.236.157.10; Authentication-Results: mr.google.com; spf=pass (google.com: domain of jerry@seibercom.net designates 10.236.157.10 as permitted sender) smtp.mail=jerry@seibercom.net Received: from mr.google.com ([10.236.157.10]) by 10.236.157.10 with SMTP id n10mr19028293yhk.41.1330781504014 (num_hops = 1); Sat, 03 Mar 2012 05:31:44 -0800 (PST) Received: by 10.236.157.10 with SMTP id n10mr15071558yhk.41.1330781503920; Sat, 03 Mar 2012 05:31:43 -0800 (PST) Received: from scorpio.seibercom.net (cpe-076-182-104-150.nc.res.rr.com. [76.182.104.150]) by mx.google.com with ESMTPS id o68sm22672799yhk.16.2012.03.03.05.31.42 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 03 Mar 2012 05:31:43 -0800 (PST) Received: from scorpio (localhost [127.0.0.1]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: jerry@scorpio.seibercom.net) by scorpio.seibercom.net (Postfix) with ESMTPSA id 3V0Svx3cCfz2CG44 for ; Sat, 3 Mar 2012 08:31:41 -0500 (EST) Date: Sat, 3 Mar 2012 08:31:41 -0500 From: Jerry To: FreeBSD Message-ID: <20120303083141.1975c60c@scorpio> In-Reply-To: <4F52134E.1090408@infracaninophile.co.uk> References: <86fwdqvf2x.fsf@red.stonehenge.com> <20120302171631.775dd715@scorpio> <867gz2vdtg.fsf@red.stonehenge.com> <20120302182156.58c10d82@scorpio> <4F515B24.9050406@infracaninophile.co.uk> <20120303071958.0c963330@scorpio> <4F52134E.1090408@infracaninophile.co.uk> Organization: seibercom.net X-Mailer: Claws Mail 3.8.0 (GTK+ 2.24.6; amd64-portbld-freebsd8.2) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAHlBMVEUAAABYRlwJCw4FAgAIBwKprDkBAQFQLR0BAgCir7VRttp8AAACAUlEQVQ4jZWUTYvbMBCGTVl8V2hX6Gg5G5FbWQdBj0lEfE7BhN4cyzi5Wt1E5L70roWy6N92xok/skkP+5IYrMcz78xIduDWpNM3vFzuA/jX5EY1AI6KHFwW/CzFuQAwqUBbV12p+CzIh6Awq7sg33pn5D64SQXAexffeuQlA/L35RrkaB551OjGfP/cAO8mCNaDcgvfky5ijoD0pAXlCQCnljiAjsJD9Ax05Ko5sZxbnLQcmM+dZg5IjREfZrWIHK0JuwU68pAGwHvfRxBundRzTxxz3r9dNUikPsEihjz2Dc4kjp1hKsJGuot4EDxaxzMoC7XqhxhOSfZrTS6gSX1JVdjp+o1PvWfekXgw3WL0g70nDEwA0H0HQsEZc8sTmFMTkWUfYWC/vdR1zQy3xLQgLwzu90QnlnFLjeiGWBjwhb4Sa42IqOg2qqS4O1/zhKokFUb1Q8Rj4Eb69WVflXEehJ35DgChVTE5n50eaGyMLOfH8AOodoSM4PVYAQgQdBulOa+knklYks3vAuQ+uX492lTl+A+e8qBV2AKoXalVKFfyuUp0pUp1ARaUHh82lv9MN+Ig7CZtgE6FNYvjlywT2VP2dMgOG46gTIWcqdfvuwyXNz0oMJNd/N5lh1YNiJt19ADTUo3VuFSNeQwVqRSrGjSCp53fk2g+Mvfk/gfoPxHeUS8MH9vRAAAAAElFTkSuQmCC Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Gm-Message-State: ALoCoQnUufBXSDbfbQJv9456KDmzsLzuTG2ClkVvRV9OHrpDhzgdMmRzXZGt50BzMd+/ixS9C7DB Subject: Re: openssl from ports X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: FreeBSD List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Mar 2012 13:31:45 -0000 On Sat, 03 Mar 2012 12:49:18 +0000 Matthew Seaman articulated: > Unfortunately I can't answer that. I'm not in any position to decide > such things. > > However I can hazard a guess at some of the possible reasons: > > * openssl API changes between 0.9.x and 1.0.0 mean updating the > shlibs is not a trivial operation, and it was judged that the > benefits obtained from updating did not justify the effort. > > * no one had any time to import the new version. There's plenty of > security-critical stuff depending on openssl, and making sure all > of that didn't suffer from any regressions is not a trivial job. > > * simply that no one thought of doing the upgrade. Thanks Matthew. Personally, I have my own take on the matter. Regarding your first two possibility, I believe the problem can be directly traced to "procrastination". At some point in time, there will come the need to update the base system's OPENSSL version. Procrastination only doubles the work you have to do tomorrow. It reminds me of what a college professor once told me, "There is never enough time to do it right, but there is always enough time to do it over." Sad but true. As to your third possibility, the need to update the port has been mentioned several times on this forum over the past year. I find it extremely improbable that no one considered the possibility that the existing application might not be up-to-date. Yet, as has been stated numerous times, if you always expect the worst in people you will never be disappointed. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________