Date: Sat, 16 Jul 2016 08:43:55 -0400 From: Jim Ohlstein <jim@ohlste.in> To: Euan Thoms <euan@potensol.com> Cc: FreeBSD Ports Mailing List <freebsd-ports@freebsd.org> Subject: Re: curl and nginx no longer build on same host Message-ID: <e7b59cb6-d52d-b558-0bc0-f3f0610841a9@ohlste.in> In-Reply-To: <7c8b-5789ad00-d-6b8b4580@127157337> References: <7c8b-5789ad00-d-6b8b4580@127157337>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, On 7/15/16 11:41 PM, Euan Thoms wrote: > > On Saturday, July 16, 2016 10:21 SGT, Jim Ohlstein <jim@ohlste.in> wrote: > >> Hello, >> >>> On Jul 15, 2016, at 10:03 PM, Euan Thoms <euan@potensol.com> wrote: >>> >>> Bump >>> >>> Can anyone else install or update ftp/curl after installing nginx? > >> >> Yes, but I'm building packages using poudriere, not using portmaster. > > Good point, it may be a portmaster issue. Next time I update, I'll try to upgrade manually... eh, how do I do that again (scratches head). > >> >>> >>> The only way I'm able to update now is to uninstall openssl and nginx, then update curl, then reinstall nginx (which pulls in openssl). This was not required on several previous update cycles. >> >> If memory serves me correctly, nginx and curl both require openssl from ports only if certain options are chosen (http2 being one), or at least that was the case in the past. >> >> You may have option(s) selected for one that requires the version from ports, and one that does not. >> >> Have you tried to force usage of openssl from ports in your /etc/make.conf? >> > > Yes. I've used ssl=openssl and ssl=libressl in make.conf, no luck with either. The bottom line is ftp/curl with default port options does not want to build against openssl or libressl from ports. And it doesn't want to try and use the base openssl either. > > Your point about the port options for http2 requiring the ports version of openssl is valid. But this happens when the default options for both ports are used. I could accept my manual workaround if I had changed the default port options on either of the two ports. But default port options should build together. > > I suppose this has only come about on this upgrade cycle because nginx port now has http2 on by default? As of version 1.10.0 it appears http2 is selected by default. It has been the default in www/nginx-devel for some time. it is not the default for ftp/curl: OPTIONS_DEFAULT= CA_BUNDLE COOKIES OPENSSL PROXY RESOLV THREADED_RESOLVER TLS_SRP My /etc/make.conf has the following: WITH_OPENSSL_PORT=yes That will force ftp/curl (and all ports) to build against the openssl port. If I understand correctly, that is about to become the default behavior for all ports at some time in the not so distant future, or at least it has been proposed. > >>> >>> >>>> On Thursday, July 14, 2016 23:30 SGT, "Euan Thoms" <euan@potensol.com> wrote: >>>> >>>> I just tried to update my www/sogo2 jail and I now have ports breakage. >>>> >>>> The first thing that happened is that "portmaster -Rad" failed on ftp/curl with the following message: >>>> >>>> """ >>>> ===> Cleaning for curl-7.49.1 >>>> You have a /usr/local/lib/libcrypto.so file installed, but the framework is unable >>>> to determine what port it comes from. >>>> Add DEFAULT_VERSIONS+=ssl=<openssl package name> to your /etc/make.conf and try again. >>>> *** Error code 1 >>>> >>>> Stop. >>>> make[1]: stopped in /usr/ports/ftp/curl >>>> *** Error code 1 >>>> >>>> Stop. >>>> make: stopped in /usr/ports/ftp/curl >>>> >>>> ===>>> make build failed for ftp/curl >>>> ===>>> Aborting update >>>> >>>> ===>>> Update for curl-7.48.0_2 failed >>>> ===>>> Aborting update >>>> """ >>>> >>>> It seems that ftp/curl can't build with openssl or libressl installed from ports. And www/nginx will only build with openssl or libresll installed from ports. So basically nginx and curl can't co-exist on the same host/jail. >>>> >>>> My port options are almost all the defaults, and I don't want to set anything in /etc/make.conf, but even if I do set DEFAULT_VERSIONS+=ssl=<???>ssl I can't get curl to build. >>>> >>>> I've been updating this jail regulary for a while now without any issue. This reminds me hair-pulling in the past with the Kerberos fork issues (MIT vs Heimdal). And I was finding ports management so easy these days, until today. >>>> >>>> Why can't curl just use openssl from base, despite the port version being installed? >>>> >>>> >>>> >>>> # uname -a >>>> FreeBSD sogo.potensol.com 10.1-RELEASE-p16 FreeBSD 10.1-RELEASE-p16 #0: Tue Jul 28 12:04:19 UTC 2015 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 >> > > > > -- Jim Ohlstein "Never argue with a fool, onlookers may not be able to tell the difference." - Mark Twain
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e7b59cb6-d52d-b558-0bc0-f3f0610841a9>