Date: Wed, 16 Jan 2019 09:52:26 -0800 From: Enji Cooper <yaneurabeya@gmail.com> To: David Cornejo <dave@dogwood.com> Cc: FreeBSD Current <freebsd-current@freebsd.org>, Jung-uk Kim <jkim@FreeBSD.org> Subject: Re: openssl 1.1.1 utils mkerr.pl Message-ID: <0FD8FC97-BE08-41E2-A414-87991B9B5180@gmail.com> In-Reply-To: <CAFnjQbuaHeFRCPxLDc3sKC5Trh1Utio=rX4Q0VDa3uEYm5cwxA@mail.gmail.com> References: <CAFnjQbuaHeFRCPxLDc3sKC5Trh1Utio=rX4Q0VDa3uEYm5cwxA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_A5F965E6-2AAE-4794-A4F8-1510B9AA7BBE Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Jan 15, 2019, at 5:55 PM, David Cornejo <dave@dogwood.com> wrote: >=20 > Hi, >=20 > I am working on some code that wants to use mkerr.pl from the openssl > distribution - but this appears to have been left out of the import to > base. >=20 > Is there an alternative method to create the include files produced > from this script in FreeBSD? Hi Dave, I would go a different route from what was mentioned by others =E2=80=94 = I would actually either grab mkerr.pl from upstream from the release = package (upstream on GitHub is = https://github.com/openssl/openssl/releases ) (sidenote: I don=E2=80=99t = know why, but our vendor-crypto tree lacks this script as well; jkim@ = CCed). Why go this route? You can easily grab the file using a tool like = curl, fetch, or wget from GitHub, and you can be sure that the version = you=E2=80=99re grabbing is the upstream release version. The only = downside of this route is that you might have to apply local patches in = order to fix bugs with the script itself (which the port would handle), = and you=E2=80=99ll have to grab all dependencies (in this case/version: = configdata.pm, which is generated from the release). Example: fetch -o mkerr.pl = https://raw.githubusercontent.com/openssl/openssl/d1c28d791a7391a8dc101713= cd8646df96491d03/util/mkerr.pl I think that these files should be committed in the vendor-crypto tree, = along with crypto/openssl ; although FreeBSD as a project doesn=E2=80=99t = have much value for these files, other repackagers do have value for = these files (Isilon had to recompile openssl to deal with some = modifications to the library for FIPS compliance). Why am I not recommending the port outright? Depending on which version = of openssl you=E2=80=99re based on, you might need to maintain a = Frankensteinian version of the port to deal with the current (or old) = ports framework, which can be=E2=80=A6 noisome (speaking from experience = having dealt with this at Isilon with a 3 year old port system in the = past). Plus, some of the config might differ (=E2=80=94prefix, etc), = causing the version you=E2=80=99re configuring to differ from the base = system version. Alternatively, you could just bypass openssl in base and patch a copy = from ports and be done with it. Cheers, -Enji --Apple-Mail=_A5F965E6-2AAE-4794-A4F8-1510B9AA7BBE Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEtvtxN6kOllEF3nmX5JFNMZeDGN4FAlw/b1oACgkQ5JFNMZeD GN5lsQ/+P/jwgTQTNDBRWHIz2wijrBBznfLwXvdx1aT+u4xLdPdo0FqZKL0m2iCJ fXY+gH5BgQWATnA8Ra+aA3DHE7uHEW0lOua4rSSPJS6yrZSTZlSNGZS0zzbD6tsl kNl3ulNQkNCSbHOCi7M+R0JRmEetHdTcqXLthZFY+rMq2dt1J8MkNN4hqAu6TgyL WV6hsbeovqNSQKD/t3w/NbTdx3j43oLoJZ2dufatLP+/g1BtEkkkh4uneOBrUOm8 JYJaK6m1IXXKAVTvOO6xY3Iewn+aA+j97A4BxXK9xe0X/FMo1gHYf+NG6BvteZG3 49yIsSJgC5V7yZMNoHMnm+ar/HePLM8wA09G3vRCGtGgW3dibKs1nB+N74Zqltku YMnwALuEm3Dm3/Rw+iTDqsfhCi1EeFbx9FG0k/QZ8pr9kvqooOhSL2fGAkLvOsTo fey5ZkfKtWP2uKWPx7O9qTwHF/RSqv1YXmk5SMoZ82AYFu8nWilYsbamWpci5XsO fUwOepGFKVzoDQsIkezDzuZalVWFBHvQmMor69qnMzrMFJZC0hSZ46Pw1NL4ZpY3 WdPS0MZ/JovzadXANOfZorQJax+35nTpZKMEvhSpqrxCjcIpjAlb0XHXeYj44s9/ pIgngNt/THG/pSiYal0A2fPedXZ5YlIL+vFbF1zDzqqaiwSbKtw= =xDp8 -----END PGP SIGNATURE----- --Apple-Mail=_A5F965E6-2AAE-4794-A4F8-1510B9AA7BBE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0FD8FC97-BE08-41E2-A414-87991B9B5180>