Bug 251782
| Summary: | Mk/bsd.default-versions.mk: define SSL_DEFAULT=openssl on FreeBSD 11.* | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Jan Beich <jbeich> | ||||
| Component: | Individual Port(s) | Assignee: | Port Management Team <portmgr> | ||||
| Status: | Closed Overcome By Events | ||||||
| Severity: | Affects Only Me | CC: | kde | ||||
| Priority: | --- | Keywords: | needs-qa, patch | ||||
| Version: | Latest | Flags: | jbeich:
exp-run?
|
||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
Need an exp-run for a better picture: how much volunteer's time we'd actually save by sacrificing a base component that turned rotten before EOL. I can already tell you how it will go. - Everything will build - Except for ports that also use GSSAPI, which now can't use GSSAPIĀ from base and have to be built with a ports version of GSSAPI. Now, for those ports, they don't work any more as the innards of the different GSSAPIĀ are not compatible. - Things will run - Except stuff that links with stuff in base, like pkg, and with libpkg comes net-snmp, then php-snmp, and then, boom, it explodes mid flight because you built php with ssl from ports, but php-snmp brings in openssl from the base system. We could devote exp-run resources to this, but, well, the switch from ssl=base to ssl=openssl will never happen in the official package repository, so, why bother... FreeBSD 11 is not supported anymore |
Created attachment 220486 [details] v1 FreeBSD binary packages are supposed to be useful for the widest range of users. As many ports are BROKEN with OpenSSL < 1.1 and FreeBSD-SA-20:33.openssl the stacks are against packages using base OpenSSL. Packages never promised stable ABI unlike base system. So, let's switch the default.