Date: Sat, 13 Jul 2019 08:39:00 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r506519 - branches/2019Q3/security/openvpn Message-ID: <201907130839.x6D8d0tA002547@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Sat Jul 13 08:39:00 2019 New Revision: 506519 URL: https://svnweb.freebsd.org/changeset/ports/506519 Log: security/openvpn Mark a failing build with LibreSSL "IGNORE" MFH: r506516 OpenVPN won't compile with LibreSSL, mark IGNORE. Upstream maintainers are massively pushing back against patches offered so far with valid and concrete technical reasons and unsuitability of the LibreSSL version API that will create a maintenance nightmare. (And LibreSSL abusing the OpenSSL API.) Invoking blanket approval since this just marks a non-default configuration that is failing "IGNORE", and changes a _DESC. PR: 238382 Submitted by: pizzamig Approved by: ports-secteam (blanket) Modified: branches/2019Q3/security/openvpn/Makefile Directory Properties: branches/2019Q3/ (props changed) Modified: branches/2019Q3/security/openvpn/Makefile ============================================================================== --- branches/2019Q3/security/openvpn/Makefile Sat Jul 13 08:36:33 2019 (r506518) +++ branches/2019Q3/security/openvpn/Makefile Sat Jul 13 08:39:00 2019 (r506519) @@ -41,7 +41,7 @@ OPTIONS_SINGLE= SSL OPTIONS_SINGLE_SSL= OPENSSL MBEDTLS PKCS11_DESC= Use security/pkcs11-helper EASYRSA_DESC= Install security/easy-rsa RSA helper package -MBEDTLS_DESC= SSL/TLS via mbedTLS +MBEDTLS_DESC= SSL/TLS via mbedTLS (lacks TLS v1.3) TUNNELBLICK_DESC= Tunnelblick XOR scramble patch (READ HELP!) X509ALTUSERNAME_DESC= Enable --x509-username-field (OpenSSL only) SMALL_DESC= Build a smaller executable with fewer features @@ -62,6 +62,7 @@ X509ALTUSERNAME_PREVENTS_MSG= OpenVPN ${DISTVERSION} c OPENSSL_USES= ssl OPENSSL_CONFIGURE_ON= --with-crypto-library=openssl +IGNORE_SSL= libressl libressl-devel LZ4_CONFIGURE_OFF= --disable-lz4 @@ -113,17 +114,6 @@ _tlslibs=libmbedtls libmbedx509 libmbedcrypto .else # OpenSSL _tlslibs=libssl libcrypto -.endif - -.if ${SSL_DEFAULT:Mlibressl*} && empty(PORT_OPTIONS:MMBEDTLS) -pre-everything:: - @${ECHO_CMD} "WARNING: OpenVPN does not officially support LibreSSL." - @${ECHO_CMD} "If things break, rebuild with OpenSSL or mbedTLS." - @${ECHO_CMD} "You may wish to change your default SSL library" - @${ECHO_CMD} "and press Ctrl+C within the next 10 seconds to abort." -. if !(defined(PACKAGE_BUILDING) || defined(BATCH)) - @sleep 10 -. endif .endif # sanity check that we don't inherit incompatible SSL libs through,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201907130839.x6D8d0tA002547>