From owner-freebsd-ports@freebsd.org Sat Jul 9 10:50:01 2016 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 58A0AB832CA for ; Sat, 9 Jul 2016 10:50:01 +0000 (UTC) (envelope-from mad@madpilot.net) Received: from mail.madpilot.net (grunt.madpilot.net [78.47.145.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 19B3D1AF3 for ; Sat, 9 Jul 2016 10:50:00 +0000 (UTC) (envelope-from mad@madpilot.net) Received: from mail (mail [192.168.254.3]) by mail.madpilot.net (Postfix) with ESMTP id 3rmp5x6B52zZrg for ; Sat, 9 Jul 2016 12:49:57 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=madpilot.net; h= content-transfer-encoding:content-type:content-type:in-reply-to :mime-version:user-agent:date:date:message-id:from:from :references:subject:subject:received:received; s=mail; t= 1468061395; x=1469875796; bh=N6mueSDTSnrmmaFBTOWUtAgsb08qlJCfwLd 4Ou72KII=; b=lF0BoQNJA6bbmftyVJyL6oK/QuQi/05oEab7RG8XQLHSedcFSMo CTq1VYOWeLjK80U87qS66W4KSDhHPDYtIJDgMGGrycqUhxBO1pE7JVuIUC48Q3oE 0oEA1n+N3IqMhGI2OHDbtDMM4r7/HLUcvaQLexF/zhJKYwVJTLcJpOmw= Received: from mail.madpilot.net ([192.168.254.3]) by mail (mail.madpilot.net [192.168.254.3]) (amavisd-new, port 10024) with ESMTP id TN-q2wcJMKpn for ; Sat, 9 Jul 2016 12:49:55 +0200 (CEST) Received: from marvin.madpilot.net (micro.madpilot.net [88.149.173.206]) by mail.madpilot.net (Postfix) with ESMTPSA for ; Sat, 9 Jul 2016 12:49:55 +0200 (CEST) Subject: Re: base components should always be default (Re: change in default openssl coming) To: freebsd-ports@freebsd.org References: From: Guido Falsi Message-ID: <6ceaba03-3e07-606d-3c93-f3f40c8ae38d@madpilot.net> Date: Sat, 9 Jul 2016 12:49:53 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Jul 2016 10:50:01 -0000 On 07/09/16 12:19, Gerard Seibert wrote: > On Sat, 9 Jul 2016 10:32:35 +0200, Wojciech Puchar stated: > >> Why openssl is a part of base system at all? > > Interesting question. Perl was removed from the base system years ago > with no ill affects. > There's a kerberos implementation in base which requires OpenSSL. libfetch and fetch also require it to access the https sites I can imagine. svnlite also links to it. (needed for svn+https://) Most probably also other parts I'm not thinking about. Completely removing OpenSSL from base requires replacing it with some other SSL implementation, or removing a lot of other goodies which interface themselves with the external world from base. With this change it could be possible to make the base bundled OpenSSL (or equivalent) a private library never seen by ports (with the exception of pkg, which also needs it and cannot depend on another port), which is as near as you can get to removing it. Such a change would make it easier to update or change it, since it's not an exposed API/ABI anymore at that point and so not restricted from change. -- Guido Falsi