From owner-svn-ports-all@freebsd.org  Tue Nov  5 13:52:09 2019
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id D03BE1A820C;
 Tue,  5 Nov 2019 13:52:09 +0000 (UTC)
 (envelope-from bapt@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 476rgs5FSBz4LG4;
 Tue,  5 Nov 2019 13:52:09 +0000 (UTC)
 (envelope-from bapt@FreeBSD.org)
Received: from ivaldir.etoilebsd.net (etoilebsd.net [178.32.217.76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate) (Authenticated sender: bapt)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 8625F2FA51;
 Tue,  5 Nov 2019 13:52:09 +0000 (UTC)
 (envelope-from bapt@FreeBSD.org)
Received: by ivaldir.etoilebsd.net (Postfix, from userid 1001)
 id 8A319BF2D6; Tue,  5 Nov 2019 14:52:08 +0100 (CET)
Date: Tue, 5 Nov 2019 14:52:08 +0100
From: Baptiste Daroussin <bapt@FreeBSD.org>
To: Mathieu Arnold <mat@FreeBSD.org>
Cc: Eugene Grosbein <eugen@FreeBSD.org>, ports-committers@freebsd.org,
 svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: Re: svn commit: r515574 - head/security/cyrus-sasl2
Message-ID: <20191105135208.dt5tz3gqnzt4bcr5@ivaldir.net>
References: <201910250321.x9P3LHo9092172@repo.freebsd.org>
 <20191105131059.bpgmjwj3ma5isi3i@ivaldir.net>
 <20191105134710.3hfqxau5mqxpnfbo@ogg.in.absolight.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="mb5dxmxujnzimd66"
Content-Disposition: inline
In-Reply-To: <20191105134710.3hfqxau5mqxpnfbo@ogg.in.absolight.net>
User-Agent: NeoMutt/20180716
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Nov 2019 13:52:09 -0000


--mb5dxmxujnzimd66
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 05, 2019 at 02:47:10PM +0100, Mathieu Arnold wrote:
> On Tue, Nov 05, 2019 at 02:12:22PM +0100, Baptiste Daroussin wrote:
> > On Fri, Oct 25, 2019 at 03:21:17AM +0000, Eugene Grosbein wrote:
> > > Author: eugen
> > > Date: Fri Oct 25 03:21:16 2019
> > > New Revision: 515574
> > > URL: https://svnweb.freebsd.org/changeset/ports/515574
> > >=20
> > > Log:
> > >   security/cyrus-sasl2: unbreak building with stock OpenSSL for stabl=
e/11
> > >  =20
> > >   Sendmail bundled with FreeBSD has SASL support and the Handbook tel=
ls
> > >   how to rebuild the Sendmail with SASL enabled if you have installed
> > >   cyrus-sasl2 that links with OpenSSL's libcrypto.
> > >  =20
> > >   Sendmail uses old OpenSSL 1.0.2 API, so cyrus-sasl2 should be built
> > >   with stock libcrypto even if newer OpenSSL is installed for Ports.
> > >  =20
> > >   This change adds new option SSL to the port (enabled by default).
> > >   If disabled, cyrus-sasl2 is built witch stock libcrypto not dependi=
ng
> > >   on ports version of OpenSSL.
> > >  =20
> > >   PORTREVISION not changed as default build is not affected.
> > >=20
> > > Modified:
> > >   head/security/cyrus-sasl2/Makefile
> > >   head/security/cyrus-sasl2/Makefile.common
> > >=20
> > > Modified: head/security/cyrus-sasl2/Makefile
> > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
> > > --- head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:15:48 2019	(r515=
573)
> > > +++ head/security/cyrus-sasl2/Makefile	Fri Oct 25 03:21:16 2019	(r515=
574)
> > > @@ -11,13 +11,14 @@ CYRUS_CONFIGURE_ARGS=3D	--with-saslauthd=3D${SASL=
AUTHD_RUN
> > > =20
> > >  NO_OPTIONS_SORT=3D	yes
> > >  OPTIONS_DEFINE=3D		ALWAYSTRUE AUTHDAEMOND DOCS KEEP_DB_OPEN \
> > > -			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR
> > > +			OBSOLETE_CRAM_ATTR OBSOLETE_DIGEST_ATTR SSL
> > >  OPTIONS_RADIO=3D		SASLDB
> > >  OPTIONS_RADIO_SASLDB=3D	BDB1 BDB GDBM LMDB
> > >  OPTIONS_GROUP=3D		PLUGIN
> > >  OPTIONS_GROUP_PLUGIN=3D	ANONYMOUS CRAM DIGEST LOGIN NTLM OTP PLAIN S=
CRAM
> > >  OPTIONS_DEFAULT=3D	ANONYMOUS AUTHDAEMOND BDB1 OBSOLETE_CRAM_ATTR CRA=
M \
> > > -			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM
> > > +			OBSOLETE_DIGEST_ATTR DIGEST LOGIN NTLM OTP PLAIN SCRAM \
> > > +			SSL
> > >  OPTIONS_SUB=3D		yes
> > >  ALWAYSTRUE_DESC=3D	Alwaystrue password verifier (discouraged)
> > >  ALWAYSTRUE_CONFIGURE_ENABLE=3Dalwaystrue
> > > @@ -61,6 +62,8 @@ PLAIN_DESC=3D		PLAIN authentication
> > >  PLAIN_CONFIGURE_ENABLE=3D	plain
> > >  SCRAM_DESC=3D		SCRAM authentication
> > >  SCRAM_CONFIGURE_ENABLE=3D	scram
> > > +SSL_DESC=3D		Uncheck this to use system openssl libraries
> > > +SSL_USES=3D		ssl
> > > =20
> > I don't think this is the right approach.
> >=20
> > 1/ the option (double negative) is confusing.
> > 2/ the default on for it makes it depends always on ports openssl, and =
mixing
> > port openssl and base openssl is always a mess for end users.
>=20
> Mmmm, unless I am missing something, I think you are both wrong.
> USES=3Dssl means "this port uses openssl", it does absolutely nothing
> about using openssl from ports or from the base system, this is left to
> the user by setting DEFAULT_VERSIONS+=3Dssl=3Dxxx in their make.conf.
>=20

You are right. To be honnest I have only read the commit log ;)

Best regards
Bapt

--mb5dxmxujnzimd66
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEgOTj3suS2urGXVU3Y4mL3PG3PloFAl3BfoUACgkQY4mL3PG3
Plq0Tw/+Ie0qNOJBdzKnkCMIUS65BzXGLTMp8/D5lYkJb/2SNr3hVpw+hYcNFyQF
OiNHPayvxjo3wGdB/9deHwige+psP9oE1UsTXCeFlw1oDb2FwGPvlRILsJmK4Phy
FNoWnURzwJoB/eAtZMYelmQ/SGeOW/X/KHE7sVQi331twF/frU2Bloppw1XYPARF
+HywxamTPIUoHAmaizeM5d+jtTT3QUqkyp9apwUKK8yj1UsEulZDgkzFp6DbqAsc
FIZ8qQbSCmeU0Q/L7cWkr72dmbtvcCp2VJJ0PIbjrkbvtXmpSY2y0QD0B2B/9lHF
pTgYhXmbaX2xIhkEj9+uKF+YgUE89OFLNesCvDw5IUTkkZcMuyyqZTa1pgOkRhxV
3e3yDWW7x+Ml9GgzsT+HjvnTc3LWmqtO4jcIUCtkiQNaLBl6OgP7wEdU2QxRWmH1
zKoq7wfYX9nDwC28ds0f8ZKElPpIcGs+oHi78owKpPFIkXtjwrkBPdyEiJBANCGR
DAeQgngPVO135daB1A1HcZZTWyMxYZckTg/z7cOKFNElcbN3WxUxwmGvLHF12XRc
bAZS34t8sYoT6OT+wHUVUdXjH8oAwQ+emujKBrJJsUgApvpPmFZoKAX6dmW8u368
Ybte0sfXWX+cWE7vNSeTcvi1Sc3VWo6Nqx8Vw+Ktq/heLYUFcaw=
=bT4a
-----END PGP SIGNATURE-----

--mb5dxmxujnzimd66--