Date: Mon, 17 Jan 2000 13:07:07 -0800 (PST) From: Kris Kennaway <kris@hub.freebsd.org> To: ports@freebsd.org Cc: current@freebsd.org Subject: USE_OPENSSL Message-ID: <Pine.BSF.4.21.0001171254150.27848-100000@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
[Cross-posting to -current because I would like some feedback about the last paragraph - namely how to test for RSA capability] How about the following: 1) I bump OSVERSION due to the (potential) presence of openssl in the base system. 2) We add a USE_OPENSSL knob to bsd.port.mk which tests for this and the openssl libraries in /usr/lib, and sets LIB_DEPENDS appropriately. 3) Setting USE_OPENSSL=RSA requires a RSA-capable version of openssl (i.e. they've either built with USA_RESIDENT=NO, or have installed rsaref and rebuilt) and emits an explanatory warning if it's not available. The only problem I can see so far is how to tell whether RSA support is available. We can do a dynamic check to see if openssl(1) can actually do RSA, but that's not as good as an existence check of something. Currently we don't build libRSARefglue.a because I couldn't see what it was useful for (it's rolled into libcrypto for us), but this still wouldn't differentiate between an (international) full openssl a (USA) neutered one without rsaref. Hmm, it may cause problems for ports which expect it, though :-( Stuffing a file in /etc is an obvious solution, but there may be a better one. Anyone? Kris ---- "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0001171254150.27848-100000>