From owner-freebsd-arch@FreeBSD.ORG Thu May 15 07:57:59 2003 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D844D37B401 for ; Thu, 15 May 2003 07:57:59 -0700 (PDT) Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2CD9E43F93 for ; Thu, 15 May 2003 07:57:39 -0700 (PDT) (envelope-from ru@whale.sunbay.crimea.ua) Received: from whale.sunbay.crimea.ua (ru@localhost [127.0.0.1]) h4FEvLEd070885 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 May 2003 17:57:21 +0300 (EEST) (envelope-from ru@whale.sunbay.crimea.ua) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.12.9/8.12.8/Submit) id h4FEvL9Z070880; Thu, 15 May 2003 17:57:21 +0300 (EEST) (envelope-from ru) Date: Thu, 15 May 2003 17:57:21 +0300 From: Ruslan Ermilov To: Dag-Erling Smorgrav Message-ID: <20030515145721.GA68695@sunbay.com> References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Q68bSM7Ycu6FN28Q" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.4i cc: arch@freebsd.org Subject: Re: NOCRYPT / NOSECURE X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 May 2003 14:58:00 -0000 --Q68bSM7Ycu6FN28Q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, May 15, 2003 at 04:20:08PM +0200, Dag-Erling Smorgrav wrote: > I just tried to run a tinderbox with NOCRYPT and NOSECURE (but not > NO_OPENSSL) defined. It failed because there are Makefiles > (games/factor was the one that broke the build, but glimpse(1) tells > me there are others) which check NO_OPENSSL and / or NOCRYPT but not > NOSECURE. >=20 > NOSECURE is a meaningless subset of NOCRYPT. It means "don't descend > into src/secure", but that's equivalent to NOCRYPT because a) we don't > descend into src/secure if NOCRYPT is set and b) the only significant > stuff which NOCRYPT disables but NOSECURE doesn't is Kerberos, which > requires OpenSSL, which isn't built in the NOSECURE case, so there's > no way we can build world with NOSECURE but not NOCRYPT. >=20 > I would therefore like to remove NOSECURE, preferably before 5.1. >=20 I'm all for it. I tired of fixing all these NOCRYPT/NOSECURE/NO_OPENSSL/NO_OPENSSH combinations. Please go ahead. > NO_OPENSSL is also a subset of NOCRYPT. There is so little that > builds with NO_OPENSSL but not with NOCRYPT that I think it might be > worthwhile to deprecate NO_OPENSSL and change the description of > NOCRYPT from "will prevent building of crypt versions" to "do not > build crypto-related software" >=20 I'm not so sure about NO_OPENSSL. --=20 Ruslan Ermilov Sysadmin and DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age --Q68bSM7Ycu6FN28Q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD4DBQE+w6rRUkv4P6juNwoRAtMIAJjx08ViyNax/w0ejKZkOJlYmz+JAJ0YLALE gXKbTGXe2ixqkf6t7m8QbA== =8heB -----END PGP SIGNATURE----- --Q68bSM7Ycu6FN28Q--