Hi there! There's currently an inconsistency in how various makefiles (that use crypto bits) check if these bits are available. All of them check for the NOCRYPT knob, and some of them also check if src/crypto/ exists, and some not. None of them also check if src/secure/ exists, which is the where the crypto libraries get actually built. Here's the current summary of these makefiles: makefiles that don't check if src/crypto/ exists: gnu/usr.bin/cvs/cvs/Makefile lib/libfetch/Makefile lib/libtelnet/Makefile libexec/telnetd/Makefile usr.bin/fetch/Makefile usr.bin/telnet/Makefile usr.sbin/pkg_install/Makefile usr.sbin/pkg_install/add/Makefile usr.sbin/pkg_install/create/Makefile usr.sbin/pkg_install/delete/Makefile usr.sbin/pkg_install/info/Makefile usr.sbin/pkg_install/version/Makefile makefiles that check if src/crypto/ exists: bin/ed/Makefile games/factor/Makefile lib/Makefile rescue/rescue/Makefile usr.bin/Makefile usr.sbin/Makefile usr.sbin/ppp/Makefile usr.sbin/pppd/Makefile usr.sbin/sendmail/Makefile usr.sbin/tcpdump/tcpdump/Makefile Since the "exists(${.CURDIR}/.../crypto) && !defined(NOCRYPT)" check is weak (it lacks the exists(${.CURDIR}/.../secure) check), I suggest to simplify these makefiles and remove these obscure exists() checks. Users that don't fetch crypto sources (src/crypto/ and src/secure/) will then just have to specify that in their /etc/make.conf. Not fetching crypto sources and not specifying NOCRYPT currently gives a broken build, so this change shouldn't surprise a lot of people. Also, a similar change for src/kerberos5/ is proposed. I'd appreciate a quick response. Cheers, -- Ruslan Ermilov Sysadmin and DBA, ru_at_sunbay.com Sunbay Software Ltd, ru_at_FreeBSD.org FreeBSD committer
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:16 UTC