radiusd is extremely sensitive to libssl changes. For example, my server is running FreeBSD 9.1-p7 and when you try to use the package on the pkg-test.freebsd.org repository it does not work libssl version mismatch. Built with: 90818f Linked: 90819f So as it turns out my libssl version is slightly newer than the 9.1-RELEASE on the package repository which breaks this package. We should just build against the one in ports so we always have a working net/freeradius2 package. Fix: Patch attached with submission follows:
Responsible Changed From-To: freebsd-bugs->freebsd-ports-bugs ports PR.
Responsible Changed From-To: freebsd-ports-bugs->zi Over to maintainer (via the GNATS Auto Assign Tool)
I avoid installing openssl from ports if at all possible and do not want to make using the port the default for this. Are there other options available to us?
Might be worth asking upstream what the implication of ignoring this warning are for minor patches to openssl that do not change ABI. -- Regards, Bryan Drewery
This patch provides security/openssl as a port option instead. At least with this functionality users will be able to use TLS 1.1 or 1.2 as well as PFS if they're on a platform that doesn't support that in the base system openssl version (8.4 and 9.1, 9.2)
Author: zi Date: Mon Oct 14 21:00:29 2013 New Revision: 330361 URL: http://svnweb.freebsd.org/changeset/ports/330361 Log: - Add OPTION to build against security/openssl - Do not bump PORTREVISION PR: ports/182836 Submitted by: Mark Felder <feld@FreeBSD.org> Modified: head/net/freeradius2/Makefile head/net/freeradius3/Makefile Modified: head/net/freeradius2/Makefile ============================================================================== --- head/net/freeradius2/Makefile Mon Oct 14 20:56:34 2013 (r330360) +++ head/net/freeradius2/Makefile Mon Oct 14 21:00:29 2013 (r330361) @@ -38,7 +38,7 @@ PLIST_SUB= PORTVERSION=${DISTVERSION} LI OPTIONS_DEFINE= USER KERBEROS HEIMDAL HEIMDAL_PORT LDAP MYSQL \ PGSQL UNIXODBC FIREBIRD PERL PYTHON OCI8 RUBY DHCP \ - EXPERIMENTAL UDPFROMTO DEVELOPER EDIR + EXPERIMENTAL UDPFROMTO DEVELOPER EDIR SSL_PORT OPTIONS_DEFAULT=USER PERL PYTHON DHCP_DESC= With DHCP support (EXPERIMENTAL) @@ -52,6 +52,7 @@ EXPERIMENTAL_DESC= Build experimental mo UDPFROMTO_DESC= Compile in UDPFROMTO support DEVELOPER_DESC= Enable developer options EDIR_DESC= Enable eDirectory support (implies LDAP) +SSL_PORT_DESC= Use OpenSSL from the ports collection NO_STAGE= yes .include <bsd.port.options.mk> @@ -256,6 +257,10 @@ CFLAGS!= ${ECHO} ${CFLAGS} | ${SED} -Ee CONFIGURE_ARGS+=--with-udpfromto .endif +.if ${PORT_OPTIONS:MSSL_PORT} +WITH_OPENSSL_PORT=yes +.endif + .include <bsd.port.pre.mk> .if ${ARCH} == "sparc64" && ${OSVERSION} < 700000 Modified: head/net/freeradius3/Makefile ============================================================================== --- head/net/freeradius3/Makefile Mon Oct 14 20:56:34 2013 (r330360) +++ head/net/freeradius3/Makefile Mon Oct 14 21:00:29 2013 (r330361) @@ -42,7 +42,7 @@ PLIST_SUB= PORTVERSION=${DISTVERSION} LI OPTIONS_DEFINE= USER KERBEROS HEIMDAL HEIMDAL_PORT LDAP MYSQL \ PGSQL UNIXODBC FIREBIRD REDIS PYTHON RUBY DHCP \ EXPERIMENTAL UDPFROMTO DEVELOPER EDIR PERL REST \ - FREETDS IDN + FREETDS IDN SSL_PORT OPTIONS_DEFAULT=USER PERL DHCP_DESC= With DHCP support (EXPERIMENTAL) @@ -56,6 +56,7 @@ UDPFROMTO_DESC= Compile in UDPFROMTO su DEVELOPER_DESC= Enable developer options EDIR_DESC= Enable eDirectory support (implies LDAP) REST_DESC= Enable RESTful API support +SSL_PORT_DESC= Use OpenSSL from the ports collection NO_STAGE= yes @@ -312,6 +313,10 @@ CONFIGURE_ARGS+=--quiet CONFIGURE_ARGS+=--with-udpfromto .endif +.if ${PORT_OPTIONS:MSSL_PORT} +WITH_OPENSSL_PORT=yes +.endif + .include <bsd.port.pre.mk> # if we're installing, place sample configs into ${EXAMPLESDIR} _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!