Dependency problem with ports OpenSSL and apache24
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 10 Feb 2022 13:04:23 UTC
Hello, I just went down a dependency rathole trying to get Apache 2.4 to correctly build with ports OpenSSL. The symptom I was trying to fix was that Apache, both in error.log on startup and in the Server header, reported itself as using OpenSSL 1.1.1k-freebsd, i.e. base OpenSSL on releng/13.0. ldd also reports a dependency on libssl.so.111 in /usr/local/sbin/httpd. Interestingly, mod_ssl from the same package says it is using OpenSSL 1.1.1m, which is the current version of the security/openssl port. My DEFAULT_VERSIONS includes bdb=18 and ssl=openssl. Eventually I figured out that this was because I have devel/apr1 configured with BDB=on and databases/db18 has an unconditional USES=ssl and does not correctly follow ssl=openssl. Instead it always uses OpenSSL from base. The fix I came up with is to patch databases/db18 by adding an SSL option and SSL_CONFIGURE_WITH=repmgr-ssl=yes. When configured with SSL=off, OpenSSL is not used anymore. This keeps the library out of libaprutil and therefore out of httpd. Does this look like something I should submit as a patch, or am I on the wrong track? Fixing databases/db18 to get its OpenSSL selection right is also a good idea, of course, but I could not get it working. Thanks for any help. -- Christian Ullrich