From owner-svn-ports-head@freebsd.org Thu Jun 16 13:23:00 2016 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D2724A47E5A; Thu, 16 Jun 2016 13:23:00 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 946621517; Thu, 16 Jun 2016 13:23:00 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u5GDMx2Y076376; Thu, 16 Jun 2016 13:22:59 GMT (envelope-from mat@FreeBSD.org) Received: (from mat@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u5GDMx00076369; Thu, 16 Jun 2016 13:22:59 GMT (envelope-from mat@FreeBSD.org) Message-Id: <201606161322.u5GDMx00076369@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mat set sender to mat@FreeBSD.org using -f From: Mathieu Arnold Date: Thu, 16 Jun 2016 13:22:59 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r416965 - in head: . Mk security/libressl security/libressl-devel security/openssl security/openssl-devel X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2016 13:23:00 -0000 Author: mat Date: Thu Jun 16 13:22:58 2016 New Revision: 416965 URL: https://svnweb.freebsd.org/changeset/ports/416965 Log: Add DEFAULT_VERSIONS=ssl=XXX Move the openssl detection routine to bsd.default-version.mk. Add warnings telling people to not use WITH_OPENSSL_PORT or WITH_OPENSSL_BASE. To ease maintainability, change the way the different ssl libraries version numbers are checked. PR: 210149 Submitted by: mat Exp-run by: antoine Sponsored by: The FreeBSD Foundation, Absolight Differential Revision: https://reviews.freebsd.org/D6577 Added: head/security/libressl-devel/version.mk (contents, props changed) head/security/libressl/version.mk (contents, props changed) head/security/openssl-devel/version.mk (contents, props changed) head/security/openssl/version.mk (contents, props changed) Modified: head/Mk/bsd.default-versions.mk (contents, props changed) head/Mk/bsd.openssl.mk (contents, props changed) head/UPDATING Modified: head/Mk/bsd.default-versions.mk ============================================================================== --- head/Mk/bsd.default-versions.mk Thu Jun 16 13:21:06 2016 (r416964) +++ head/Mk/bsd.default-versions.mk Thu Jun 16 13:22:58 2016 (r416965) @@ -61,6 +61,47 @@ PYTHON2_DEFAULT?= 2.7 PYTHON3_DEFAULT?= 3.4 # Possible values: 2.0, 2.1, 2.2, 2.3 RUBY_DEFAULT?= 2.2 +# Possible values: base, openssl, openssl-devel, libressl, libressl-devel +.if !defined(SSL_DEFAULT) +# If no preference was set, check for an installed base version +# but give an installed port preference over it. +. if defined(WITH_OPENSSL_PORT) +. if defined(OPENSSL_PORT) +SSL_DEFAULT:=${OPENSSL_PORT:T} +WARNING+= "Using WITH_OPENSSL_PORT and OPENSSL_PORT in make.conf is deprecated, replace them with DEFAULT_VERSIONS+=ssl=${SSL_DEFAULT}" +. else +SSL_DEFAULT=openssl +WARNING+= "Using WITH_OPENSSL_PORT in make.conf is deprecated, replace it with DEFAULT_VERSIONS+=ssl=openssl" +. endif +. elif defined(WITH_OPENSSL_BASE) +SSL_DEFAULT=base +WARNING+= "USing WITH_OPENSSL_BASE in make.conf is deprecated, replace it with DEFAULT_VERSIONS+=ssl=base" +. elif !defined(WITH_OPENSSL_BASE) && \ + !defined(WITH_OPENSSL_PORT) && \ + !defined(SSL_DEFAULT) && \ + !exists(${DESTDIR}/${LOCALBASE}/lib/libcrypto.so) && \ + exists(${DESTDIR}/usr/include/openssl/opensslv.h) +SSL_DEFAULT= base +. else +. if exists(${DESTDIR}/${LOCALBASE}/lib/libcrypto.so) +# find installed port and use it for dependency +. if !defined(OPENSSL_INSTALLED) +. if defined(DESTDIR) +PKGARGS= -c ${DESTDIR} +. else +PKGARGS= +. endif +OPENSSL_INSTALLED!= ${PKG_BIN} ${PKGARGS} which -qo ${LOCALBASE}/lib/libcrypto.so || : +. endif +. if defined(OPENSSL_INSTALLED) && !empty(OPENSSL_INSTALLED) +SSL_DEFAULT:= ${OPENSSL_INSTALLED:T} +WARNING+= "You have ${OPENSSL_INSTALLED} installed but do not have DEFAULT_VERSIONS+=ssl=${SSL_DEFAULT} set" +. endif +. endif +. endif +# Make sure we have a default in the end +SSL_DEFAULT?= base +.endif # Possible values: 8.4, 8.5, 8.6 TCLTK_DEFAULT?= 8.6 Modified: head/Mk/bsd.openssl.mk ============================================================================== --- head/Mk/bsd.openssl.mk Thu Jun 16 13:21:06 2016 (r416964) +++ head/Mk/bsd.openssl.mk Thu Jun 16 13:22:58 2016 (r416965) @@ -31,16 +31,9 @@ OpenSSL_Include_MAINTAINER= dinoex@FreeBSD.org -# If no preference was set, check for an installed base version -# but give an installed port preference over it. -.if !defined(WITH_OPENSSL_BASE) && \ - !defined(WITH_OPENSSL_PORT) && \ - !exists(${DESTDIR}/${LOCALBASE}/lib/libcrypto.so) && \ - exists(${DESTDIR}/usr/include/openssl/opensslv.h) -WITH_OPENSSL_BASE=yes -.endif +.include "${PORTSDIR}/Mk/bsd.default-versions.mk" -.if defined(WITH_OPENSSL_BASE) +.if ${SSL_DEFAULT} == base OPENSSLBASE= /usr OPENSSLDIR?= /etc/ssl @@ -59,7 +52,7 @@ check-depends:: @${ECHO_CMD} "Dependency error: This port wants the OpenSSL library from the FreeBSD" @${ECHO_CMD} "base system. You can't build against it, while a newer" @${ECHO_CMD} "version is installed by a port." - @${ECHO_CMD} "Please deinstall the port or undefine WITH_OPENSSL_BASE." + @${ECHO_CMD} "Please deinstall the port, remove DEFAULT_VERSIONS=ssl=base or undefine WITH_OPENSSL_BASE." @${FALSE} . endif @@ -81,39 +74,18 @@ OPENSSL_CFLAGS+= -DNO_IDEA MAKE_ARGS+= OPENSSL_CFLAGS="${OPENSSL_CFLAGS}" . endif -.else # !defined(WITH_OPENSSL_BASE) +.else # ${SSL_DEFAULT} != base OPENSSLBASE= ${LOCALBASE} -. if !defined(OPENSSL_PORT) && \ - exists(${DESTDIR}/${LOCALBASE}/lib/libcrypto.so) -# find installed port and use it for dependency -. if !defined(OPENSSL_INSTALLED) -. if defined(DESTDIR) -PKGARGS= -c ${DESTDIR} -. else -PKGARGS= -. endif -OPENSSL_INSTALLED!= ${PKG_BIN} ${PKGARGS} which -qo ${LOCALBASE}/lib/libcrypto.so || : -. endif -. if defined(OPENSSL_INSTALLED) && ${OPENSSL_INSTALLED} != "" -OPENSSL_PORT= ${OPENSSL_INSTALLED} -OPENSSL_SHLIBFILE!= ${PKG_INFO} -ql ${OPENSSL_INSTALLED} | ${GREP} "^`${PKG_QUERY} "%p" ${OPENSSL_INSTALLED}`/lib/libcrypto.so.[0-9]*$$" -OPENSSL_SHLIBVER?= ${OPENSSL_SHLIBFILE:E} -. endif -. endif -# LibreSSL and OpenSSL-BETA specific SHLIBVER -. if defined(OPENSSL_PORT) && ${OPENSSL_PORT} == security/libressl -OPENSSL_SHLIBVER?= 37 -. elif defined(OPENSSL_PORT) && ${OPENSSL_PORT} == security/libressl-devel -OPENSSL_SHLIBVER?= 38 -. elif defined(OPENSSL_PORT) && ${OPENSSL_PORT} == security/openssl-devel -OPENSSL_SHLIBVER?= 9 -. endif +OPENSSL_PORT= security/${SSL_DEFAULT} + +# Get OPENSSL_SHLIBVER from the port +.sinclude <${PORTSDIR}/${OPENSSL_PORT}/version.mk> -# default -OPENSSL_PORT?= security/openssl -OPENSSL_SHLIBVER?= 8 +. if !defined(OPENSSL_SHLIBVER) +.error You are using an unsupported SSL provider ${SSL_DEFAULT} +. endif OPENSSLDIR?= ${OPENSSLBASE}/openssl BUILD_DEPENDS+= ${LOCALBASE}/lib/libcrypto.so.${OPENSSL_SHLIBVER}:${OPENSSL_PORT} Modified: head/UPDATING ============================================================================== --- head/UPDATING Thu Jun 16 13:21:06 2016 (r416964) +++ head/UPDATING Thu Jun 16 13:22:58 2016 (r416965) @@ -5,6 +5,25 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20160616 + AFFECTS: users of security/openssl*, security/libressl* + AUTHOR: mat@FreeBSD.org + + Previously, to tell the ports tree, you needed to set: + + WITH_OPENSSL_PORT=yes + + And if you wanted a port that was not security/openssl, you needed to add, + for example: + + OPENSSL_PORT= security/libressl + + Now, all you need to do is: + + DEFAULT_VERSIONS+= ssl=libressl + + Valid values are base, openssl, openssl-devel, libressl, and libressl-devel. + 20160614 AFFECTS: users of www/node, www/node5, and www/node4 AUTHOR: adamw@FreeBSD.org Added: head/security/libressl-devel/version.mk ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/libressl-devel/version.mk Thu Jun 16 13:22:58 2016 (r416965) @@ -0,0 +1 @@ +OPENSSL_SHLIBVER?= 38 Added: head/security/libressl/version.mk ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/libressl/version.mk Thu Jun 16 13:22:58 2016 (r416965) @@ -0,0 +1 @@ +OPENSSL_SHLIBVER?= 37 Added: head/security/openssl-devel/version.mk ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl-devel/version.mk Thu Jun 16 13:22:58 2016 (r416965) @@ -0,0 +1 @@ +OPENSSL_SHLIBVER?= 9 Added: head/security/openssl/version.mk ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/version.mk Thu Jun 16 13:22:58 2016 (r416965) @@ -0,0 +1 @@ +OPENSSL_SHLIBVER?= 8