On March 2, 2020 2:50:47 PM PST, Hiroki Sato <h...@freebsd.org> wrote: >Jung-uk Kim <j...@freebsd.org> wrote > in <8e60a869-fe1e-9314-ffdc-76ed3e2dc...@freebsd.org>: > >jk> > I merely try to understand how to unbreak upgrade path for >11.2-STABLE workstations >jk> > with stock sendmail and SSL support that also has many ports >installed including >jk> > ports requiring new openssl API. Because buildworld fails and >upgrade is broken. >jk> I am also trying to understand your problem. Which port is >specifically >jk> requiring new OpenSSL API for you? > > The problem eugen@ is trying to explain is (correct me if this is > wrong): > > 1. One needs to install OpenSSL from ports if she wants to install > software which depends on it. deskutils/nextcloudclient, for > example. Setting DEFAILT_VERSION+=ssl=openssl is strongly > recommended in this case for consistency. > >2. Handbook says enabling SMTP AUTH requires the following in >make.conf: > > SENDMAIL_CFLAGS=-I/usr/local/include/sasl -DSASL > SENDMAIL_LDFLAGS=-L/usr/local/lib > SENDMAIL_LDADD=-lsasl2 > > However, this variables make the buildworld target to pick up > OpenSSL from ports if installed, not from base, in the middle of > building sendmail. "make buildworld" will always fail. There is > no way to avoid OpenSSL from ports if she wants software such as > deskutils/nextcloudclient. > > This build breakage occurs with sendmail + openssl from ports, not > related to cyrus-sasl2. A shlib mismatch between sendmail and > cyrus-sasl2 in terms of OpenSSL library is another issue. > > I think there are several workaround, but the primary problem is that > people can get confused with instructions in the handbook. I suggest > to update the handbook: > > a) If you do not have security/openssl on your system, set the > following in make.conf and rebuilt the world: > > SENDMAIL_CFLAGS=-I/usr/local/include/sasl -DSASL > SENDMAIL_LDFLAGS=-L/usr/local/lib > SENDMAIL_LDADD=-lsasl2 > > b) If you have security/openssl, sendmail in the base system does not > support SMTP AUTH because of incompatibility with the newer > versions of OpenSSL. Use mail/sendmail from ports. > > I still feel that b) is sub-optimal, but it would be too complex to > make them coexist with each other. The attached patch and putting > SASLBASEDIR=/usr/local into /etc/make.conf instead of the SENDMAIL_* > variables should mitigate the first problem but if > security/cyrus-sasl2 was built with OpenSSL from ports, the shlib > mismatch still occurs. > >-- Hiroki
Buildworld should only use libraries in /usr/obj. I've found and fixed these in ntp, Heimdal and amd. Base sendmail build shouldn't use installed libraries or headers. The implications are obvious. -- Pardon the typos and autocorrect, small keyboard in use. Cy Schubert <cy.schub...@cschubert.com> FreeBSD UNIX: <c...@freebsd.org> Web: https://www.FreeBSD.org The need of the many outweighs the greed of the few. Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
