On Thu, Mar 6, 2014 at 8:05 PM, Darren Pilgrim <dar...@laskoprinting.com> wrote: > On 3/6/2014 3:07 PM, Mark Felder wrote: >> >> Hi Darren, >> >> I'm trying to understand exactly what we're looking at here. Is the >> problem: >> >> "nginx always builds against OpenSSL in base (for FreeBSD 10+?)" ? >> >> If so, that's correct; it should not build against OpenSSL from ports >> just because the version from ports happens to be installed. > > > No, actually, that's exactly what it should do. If I install OpenSSL from > ports and set WITH_OPENSSL_PORT in /etc/make.conf, the express intent is to > require all OpenSSL-using ports to link to the ports version. > > Nginx with SPDY needs NPN, which means OpenSSL 1.0.1 or later. Thus for 9.x > and earlier we need to set WITH_OPENSSL_PORT. For 10.0 and later, both > versions will work, so the correct behaviour for nginx is to say it does not > specifically require either by not setting either WITH_OPENSSL_* variable. >
Darren is correct, the intent of bsd.openssl.mk is to build using the security/openssl port when WITH_OPENSSL_PORT is defined in /etc/make.conf by the local administrator. What the www/nginx port does is it forces the build to always use the base version when ${OSVERSION} >= 1000028 by setting WITH_OPENSSL_BASE. The port should not be doing this. -- DISCLAIMER: No electrons were maimed while sending this message. Only slightly bruised. _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"