Created attachment 187771 [details] svn diff for security/testssl.sh ``` security/testssl.sh: Use secutity/openssl-unsafe - Run with security/openssl-unsafe PR: ? ``` The security/openssl-unsafe port is exactly what you should want to depend on. This port was failing if the user had selected e.g. DEFAULT_VERSIONS= ssl=openssl-devel.
Comment on attachment 187771 [details] svn diff for security/testssl.sh Sure, in principle this sound like a good idea. However there are a couple of issues. +.if ${ARCH} != i386 +BUILD_DEPENDS= ${LOCALBASE}/openssl-unsafe/bin/openssl:security/openssl-unsafe +RUN_DEPENDS+= ${BUILD_DEPENDS_amd64} post-patch: + ${REINPLACE_CMD} -e "s|OPENSSL=PREFIX|OPENSSL=${PREFIX}|" ${WRKSRC}/testssl.sh +.endif So what happens on i386? Why is openssl-unsafe not working on i386? What does BUILD_DEPENDS_amd64 do? Why even set BUILD_DEPENDS when the port now uses NO_BUILD=yes? - -e 's@$${TESTSSL_INSTALL_DIR:-""}@$${TESTSSL_INSTALL_DIR:-"${DATADIR}"}@' This needs to stay. Otherwise testssl.sh can't find its data files. - -e '/check_bsd_mount$$/d' This too. The check is bogus. Testssl.sh does not require a mounted fdescfs to work and neither does bash. --- security/testssl.sh/pkg-message (nonexistent) +++ security/testssl.sh/pkg-message (working copy) What for? > This port was failing if the user had selected e.g. DEFAULT_VERSIONS= ssl=openssl-devel. I cannot replicate this with the latest version in the ports tree (openssl-devel-1.1.0g) on 11.1/amd64.
Hi Tobias, Pulled the trigger on submitting a PR too early. Sorry for the poor quality patch. BUILD_DEP: Not relevant with NO_BUILD Removal of patching: Hadn't investigated what it actually did pkg-message: What was I even thinking... i386: hadn't cracked that one yet
Created attachment 187800 [details] svn diff for security/testssl.sh Fixed openssl-unsafe building in i386 with ports r453623 Reverted removals of post-patch No pkg-message
A commit references this bug: Author: tobik Date: Mon Nov 6 20:33:13 UTC 2017 New revision: 453645 URL: https://svnweb.freebsd.org/changeset/ports/453645 Log: security/testssl.sh: Use security/openssl-unsafe This greatly simplifies the port and we can stop building our own unsafe openssl version. PR: 223457 Submitted by: brnrd Changes: head/security/testssl.sh/Makefile head/security/testssl.sh/distinfo head/security/testssl.sh/files/ head/security/testssl.sh/files/patch-testssl.sh head/security/testssl.sh/pkg-plist
No real objections now, so committed. Thanks! :)