From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Jun 15 12:35:24 2004 Return-Path: Delivered-To: freebsd-ports-bugs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D0C8916A4CF; Tue, 15 Jun 2004 12:35:24 +0000 (GMT) Received: from fillmore.dyndns.org (port-212-202-50-15.dynamic.qsc.de [212.202.50.15]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7720343D2F; Tue, 15 Jun 2004 12:35:24 +0000 (GMT) (envelope-from eikemeier@fillmore-labs.com) Received: from [172.16.0.4] (helo=[172.16.0.4]) by fillmore.dyndns.org with esmtp (Exim 4.34 (FreeBSD)) id 1BaD9Q-000HzL-Gf; Tue, 15 Jun 2004 14:34:58 +0200 Message-ID: <40CED21D.6000704@fillmore-labs.com> Date: Tue, 15 Jun 2004 12:40:29 +0200 From: Oliver Eikemeier Organization: Fillmore Labs GmbH - http://www.fillmore-labs.com/ MIME-Version: 1.0 To: Dirk Meyer References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit User-Agent: KMail/1.5.9 cc: FreeBSD-ports-bugs@FreeBSD.org cc: FreeBSD-gnats-submit@FreeBSD.org Subject: Re: ports/67937: [PATCH] www/apache13-modssl,www/apache13-modssl+ipv6: sanitize version number handling X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jun 2004 12:35:25 -0000 Dirk Meyer wrote: > Oliver Eikemeier schrieb:, >>> Dirk Meyer wrote: >> >>> 1. Please give an example where pkg_version does not handle the >>> version check. >>> I use pkg_version, and otehr tiolls without any problems. >> >> Install the port with APACHE_WITH_MODDEFLATE=yes (sigh). >> Try >> pkg_version -v | grep apache >> You'll get >> apache+mod_ssl+mod_deflate-1.3.31+ > succeeds port (port has 1.3.31+2.8.18_4) >> (note the truncated package name on -STABLE) > > Please set APACHE_WITH_MODDEFLATE=yes in /etc/make.conf I expect that most users won't do this. Actually setting user tunable variables in make.conf(5) can lead to unexpected results when they are not specifically designed to be effective on the whole ports tree, so I would advise against doing this. >> bump the PORTREVISION (security fix!) >> pkg_version -v | grep apache >> apache+mod_ssl+mod_deflate-1.3.31+ > succeeds port (port has 1.3.31+2.8.18_5) > > Please set options in /etc/make.conf > > apache+mod_ssl-1.3.31+2.8.17_3 < needs updating (port has 1.3.31+2.8.18_4) ... which is the line you'll get when no options have been set. >> Try >> portupgrade -n 'apache*' >> ** No need to upgrade >> 'apache+mod_ssl+mod_deflate-1.3.31+2.8.18+1.0.21_4' (>= apache+mod_ssl-1.3.31+2.8.18_5). (specify -f to force) >> You'll miss security fixes! Now, is the port broken? > > will work when options set in /etc/make.conf Please, you don't do the users of your port a favour here. Besides requiring that options are set in make.conf(5) and are not changed between upgrades, you make it excessively expensive to add entries to the vulnerability database. Currently 16 entries would be required, instead of two. >>> 2. I can't reproduce that the port conficts with it self. >>> # make -V CONFLICTS >>> apache+ipv6-1.* apache+ssl-1.* apache-1.* apache-2.* apache_fp-1.* >>> caudium-devel-1.* caudium10-1.* caudium12-* ru-apache+mod_ssl-1.* >>> ru-apache-1.* thttpd-2.* w3c-httpd-3.* apache+mod_snmp*-1.* >>> apache+mod_accel*-1.* apache+mod_deflate*-1.* >> >> Try >> make APACHE_WITH_MODDEFLATE=yes -VCONFLICTS >> >> You'll get `apache+mod_ssl-1.*', which is *this* port, please read how >> CONFLICTS work. Besides, you make it unnecessary hard to CONFLICT with *this* port. > > This is required for some options. > IPV6 can be build from teh master port or from the Slave port. > To avoid overwrites CONFLICTS is set. No. Apply the patch and you'll see that exactly www/apache13-modssl and www/apache13-modssl+ipv6 conflict, and nothing else. Also it is *much* easier for other ports to add CONFLICTS for these ports, and to guess their names. >>> 4. Suggested patch is a regression, it fails to build with customized >>> slave ports. >> >> What are `customized slave ports'? Of course they build. > > e.G. ports/www/apache13-modssl+ipv6 > You removed to possiblitiy to overwrite some options. Hmmm... I don't understand what options you are referring to. Could you name an example? >>> 5. Why do you drop support of Makefile.local? >> >> Only bsd.port.mk includes ${MASTERDIR}/Makefile.local. Slave ports never >> include a Makefile.local in the slaves port directory. If you want to change >> this, please submit a patch for bsd.port.mk. > > When Fixes will take less than 6 Month to get in ... > INFO works just with the last revision of bsd.port.mk, > how long since it was introduced? > > No reason to removes "features" that have been asked for by users. I try not to introduce "features" in my ports that I have to describe using double quotes. Anyway, I don't care, this was just a drive-by. These and other issues are not a concern of this PR, so keep it the way it is. -Oliver