On 07/18/16 08:12 AM, Mathieu Arnold wrote: > Hi, > > +--On 11 juillet 2016 22:56:00 +0300 Slawa Olhovchenkov <slw_at_zxy.spb.ru> > wrote: > | On Mon, Jul 11, 2016 at 03:00:39PM -0400, Jung-uk Kim wrote: > |> > .if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && > |> > ${SSL_DEFAULT} == base BROKEN= OpenSSL from the base system does not > |> > support GOST, add \ DEFAULT_VERSIONS+=ssl=openssl to your > |> > /etc/make.conf and rebuild everything \ that needs SSL. > |> > .endif > |> > |> FreeBSD 9.3 is still supported but GOST is not available there. It > | > | Thanks for clarifications. > | > |> seems the ports maintainer didn't want to break it on 9.3 (CC added). > |> Version check may be needed there. > | > | Thanks! > > > The idea is that you can't have mixed openssl usage. If you link half your > ports with openssl from base, and half with openssl from ports, you are > going to have dragons attacks, and core dumps. Also, if you are using > openssl from ports, you cannot use GSSAPI from base, for the same reasons. Exactly. That's why we should *allow* using base OpenSSL for 10.x and later because many packages are already linked against base OpenSSL by default. Jung-uk Kim
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:06 UTC