From nobody@FreeBSD.org  Tue Oct  8 17:36:57 2013
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by hub.freebsd.org (Postfix) with ESMTP id 7C081FC1
	for <freebsd-gnats-submit@FreeBSD.org>; Tue,  8 Oct 2013 17:36:57 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from oldred.freebsd.org (oldred.freebsd.org [8.8.178.121])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.freebsd.org (Postfix) with ESMTPS id 69FDE2388
	for <freebsd-gnats-submit@FreeBSD.org>; Tue,  8 Oct 2013 17:36:57 +0000 (UTC)
Received: from oldred.freebsd.org ([127.0.1.6])
	by oldred.freebsd.org (8.14.5/8.14.7) with ESMTP id r98HavQv038936
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 8 Oct 2013 17:36:57 GMT
	(envelope-from nobody@oldred.freebsd.org)
Received: (from nobody@localhost)
	by oldred.freebsd.org (8.14.5/8.14.5/Submit) id r98HavEM038932;
	Tue, 8 Oct 2013 17:36:57 GMT
	(envelope-from nobody)
Message-Id: <201310081736.r98HavEM038932@oldred.freebsd.org>
Date: Tue, 8 Oct 2013 17:36:57 GMT
From: Mark Felder <feld@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [PATCH] net/freeradius2: always build against ports openssl
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         182836
>Category:       ports
>Synopsis:       [PATCH] net/freeradius2: always build against ports openssl
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    zi
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct 08 17:40:00 UTC 2013
>Closed-Date:    Mon Oct 14 21:03:28 UTC 2013
>Last-Modified:  Mon Oct 14 21:10:00 UTC 2013
>Originator:     Mark Felder
>Release:        
>Organization:
>Environment:
>Description:
radiusd is extremely sensitive to libssl changes. For example, my server is running FreeBSD 9.1-p7 and when you try to use the package on the pkg-test.freebsd.org repository it does not work

libssl version mismatch.  Built with: 90818f   Linked: 90819f

So as it turns out my libssl version is slightly newer than the 9.1-RELEASE on the package repository which breaks this package. We should just build against the one in ports so we always have a working net/freeradius2 package.
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

Index: Makefile
===================================================================
--- Makefile	(revision 329094)
+++ Makefile	(working copy)
@@ -3,6 +3,7 @@
 
 PORTNAME=	freeradius
 DISTVERSION=	2.2.1
+PORTREVISION=	1
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.freeradius.org/pub/freeradius/%SUBDIR%/ \
 		ftp://ftp.ntua.gr/pub/net/radius/freeradius/%SUBDIR%/ \
@@ -32,6 +33,7 @@
 USE_AUTOTOOLS=	libltdl libtool autoconf
 USE_BZIP2=	yes
 USE_OPENSSL=	yes
+WITH_OPENSSL_PORT=yes
 MAKE_ARGS+=	LDFLAGS="-L${LOCALBASE}/lib ${PTHREAD_LIBS}"
 CFLAGS+=	-I${LOCALBASE}/include -L${LOCALBASE}/lib
 MAKE_JOBS_UNSAFE=	yes


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-ports-bugs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Wed Oct 9 01:25:42 UTC 2013 
Responsible-Changed-Why:  
ports PR. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=182836 
Responsible-Changed-From-To: freebsd-ports-bugs->zi 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Wed Oct 9 01:25:59 UTC 2013 
Responsible-Changed-Why:  
Over to maintainer (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=182836 

From: Ryan Steinmetz <zi@FreeBSD.org>
To: Mark Felder <feld@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: misc/182836: [PATCH] net/freeradius2: always build against ports
 openssl
Date: Wed, 9 Oct 2013 11:52:23 -0400

 I avoid installing openssl from ports if at all possible and do not want
 to make using the port the default for this.
 
 Are there other options available to us?

From: Bryan Drewery <bdrewery@FreeBSD.org>
To: bug-followup@FreeBSD.org, feld@FreeBSD.org
Cc:  
Subject: Re: ports/182836: [PATCH] net/freeradius2: always build against ports
 openssl
Date: Sun, 13 Oct 2013 21:07:58 -0500

 This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
 --RWXemAAKjcvJl013KeoBXLLde9wloJ6Mj
 Content-Type: text/plain; charset=ISO-8859-1
 Content-Transfer-Encoding: quoted-printable
 
 Might be worth asking upstream what the implication of ignoring this
 warning are for minor patches to openssl that do not change ABI.
 
 --=20
 Regards,
 Bryan Drewery
 
 
 --RWXemAAKjcvJl013KeoBXLLde9wloJ6Mj
 Content-Type: application/pgp-signature; name="signature.asc"
 Content-Description: OpenPGP digital signature
 Content-Disposition: attachment; filename="signature.asc"
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (MingW32)
 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
 
 iQIcBAEBAgAGBQJSW1H+AAoJEG54KsA8mwz5QOYP/34jTdQRjBOjxqEENWodCFWV
 lhXS4W7p8T6jd21CrSgHJCiOZG8OaURGlnHs/p9BYaVv9K7JO2LjdqyE6EnDSdNG
 vL5Mv0aDKHaNcHhxMCjsmBtuFYJa+sl22BlphlN/7/SFcWagM6BAaEGBAoDb8yDr
 vCCQ8k+hZrtDJSY98aynhXHwe+YAY4FVI2rdsXMO/+wJ5gCrBfkU7yljjQxurDwD
 nnt42V8ECfUOEGsChUB+J8sZSBx82X2n7eS9zb8FBlr//ktaST6k9R7FtXFuvY55
 xw9JzDjOAaz2zzLT1TAVUkAwsgFw9vFxuufBUgDIj1DiAMDLRnus+QkBFW5Ee0/T
 hHO0NESxHzEWvZG07Vdm7NarK461ygS2OF4rI6zpnTj9OHlm3Mz05VjRPkcM9cq1
 cIMVkvc/7JQfrh/SPi82EoBj9AXM8BnT8egdtSHZlB9PpYkj/dZf/LehGKT45F/q
 zwimGuz0HfUFFYBh/XEpCoSvQCqh4SG0Xm0uSwLFMlxkcZe0zl95w+U7p60rORJR
 0UMPaLsUHdF+eYRbPflhB0J/sQLO/240Qd+u/q3JT7MDshWLBHdlMtbfNxmqnd7b
 OsIFpsIJ9s/H4AVRcZnHeyoMskmD6OqbF+zni38KXKVtfZDvuQsIJlnlJeQt1vAv
 kOiBFQ3aZKp4X6WapW/c
 =kPd/
 -----END PGP SIGNATURE-----
 
 --RWXemAAKjcvJl013KeoBXLLde9wloJ6Mj--

From: Mark Felder <feld@FreeBSD.org>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: misc/182836: [PATCH] net/freeradius2: always build against ports
 openssl
Date: Mon, 14 Oct 2013 10:59:04 -0500

 This is a multi-part message in MIME format.
 
 --_----------=_1381766344139610
 Content-Transfer-Encoding: 7bit
 Content-Type: text/plain
 
 This patch provides security/openssl as a port option instead. At least
 with this functionality users will be able to use TLS 1.1 or 1.2 as well
 as PFS if they're on a platform that doesn't support that in the base
 system openssl version (8.4 and 9.1, 9.2)
 
 --_----------=_1381766344139610
 Content-Disposition: attachment; filename="freeradius.diff"
 Content-Id: <1381766333.13241.ab7bfd9f5ab795f1ee1630a312995cc445d7348b.4D3E8679@messagingengine.com>
 Content-Transfer-Encoding: base64
 Content-Type: text/x-patch; name="freeradius.diff"
 
 SW5kZXg6IE1ha2VmaWxlCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09
 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIE1h
 a2VmaWxlCShyZXZpc2lvbiAzMjkzNTMpCisrKyBNYWtlZmlsZQkod29ya2lu
 ZyBjb3B5KQpAQCAtMyw2ICszLDcgQEAKIAogUE9SVE5BTUU9CWZyZWVyYWRp
 dXMKIERJU1RWRVJTSU9OPQkyLjIuMQorUE9SVFJFVklTSU9OPQkxCiBDQVRF
 R09SSUVTPQluZXQKIE1BU1RFUl9TSVRFUz0JZnRwOi8vZnRwLmZyZWVyYWRp
 dXMub3JnL3B1Yi9mcmVlcmFkaXVzLyVTVUJESVIlLyBcCiAJCWZ0cDovL2Z0
 cC5udHVhLmdyL3B1Yi9uZXQvcmFkaXVzL2ZyZWVyYWRpdXMvJVNVQkRJUiUv
 IFwKQEAgLTQwLDcgKzQxLDcgQEAKIAogT1BUSU9OU19ERUZJTkU9CVVTRVIg
 S0VSQkVST1MgSEVJTURBTCBIRUlNREFMX1BPUlQgTERBUCBNWVNRTCBcCiAJ
 CVBHU1FMIFVOSVhPREJDIEZJUkVCSVJEIFBFUkwgUFlUSE9OIE9DSTggUlVC
 WSBESENQIFwKLQkJRVhQRVJJTUVOVEFMIFVEUEZST01UTyBERVZFTE9QRVIg
 RURJUgorCQlFWFBFUklNRU5UQUwgVURQRlJPTVRPIERFVkVMT1BFUiBFRElS
 IE9QRU5TU0wKIE9QVElPTlNfREVGQVVMVD1VU0VSIFBFUkwgUFlUSE9OCiAK
 IERIQ1BfREVTQz0JCVdpdGggREhDUCBzdXBwb3J0IChFWFBFUklNRU5UQUwp
 CkBAIC01NCw2ICs1NSw3IEBACiBVRFBGUk9NVE9fREVTQz0JCUNvbXBpbGUg
 aW4gVURQRlJPTVRPIHN1cHBvcnQKIERFVkVMT1BFUl9ERVNDPQkJRW5hYmxl
 IGRldmVsb3BlciBvcHRpb25zCiBFRElSX0RFU0M9CQlFbmFibGUgZURpcmVj
 dG9yeSBzdXBwb3J0IChpbXBsaWVzIExEQVApCitPUEVOU1NMX0RFU0M9CQlC
 dWlsZCBhZ2FpbnN0IHNlY3VyaXR5L29wZW5zc2wgaW5zdGVhZCBvZiBiYXNl
 IG9wZW5zc2wKIAogTk9fU1RBR0U9CXllcwogLmluY2x1ZGUgPGJzZC5wb3J0
 Lm9wdGlvbnMubWs+CkBAIC0yNTgsNiArMjYwLDExIEBACiBDT05GSUdVUkVf
 QVJHUys9LS13aXRoLXVkcGZyb210bwogLmVuZGlmCiAKKyMgYnVpbGQgYWdh
 aW5zdCBzZWN1cml0eS9vcGVuc3NsIGluc3RlYWQKKy5pZiAke1BPUlRfT1BU
 SU9OUzpNT1BFTlNTTH0KK1dJVEhfT1BFTlNTTF9QT1JUPXllcworLmVuZGlm
 CisKIC5pbmNsdWRlIDxic2QucG9ydC5wcmUubWs+CiAKIC5pZiAke0FSQ0h9
 ID09ICJzcGFyYzY0IiAmJiAke09TVkVSU0lPTn0gPCA3MDAwMDAK
 
 --_----------=_1381766344139610--
 
State-Changed-From-To: open->closed 
State-Changed-By: zi 
State-Changed-When: Mon Oct 14 21:03:28 UTC 2013 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=182836 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/182836: commit references a PR
Date: Mon, 14 Oct 2013 21:00:42 +0000 (UTC)

 Author: zi
 Date: Mon Oct 14 21:00:29 2013
 New Revision: 330361
 URL: http://svnweb.freebsd.org/changeset/ports/330361
 
 Log:
   - Add OPTION to build against security/openssl
   - Do not bump PORTREVISION
   
   PR:		ports/182836
   Submitted by:	Mark Felder <feld@FreeBSD.org>
 
 Modified:
   head/net/freeradius2/Makefile
   head/net/freeradius3/Makefile
 
 Modified: head/net/freeradius2/Makefile
 ==============================================================================
 --- head/net/freeradius2/Makefile	Mon Oct 14 20:56:34 2013	(r330360)
 +++ head/net/freeradius2/Makefile	Mon Oct 14 21:00:29 2013	(r330361)
 @@ -38,7 +38,7 @@ PLIST_SUB=	PORTVERSION=${DISTVERSION} LI
  
  OPTIONS_DEFINE=	USER KERBEROS HEIMDAL HEIMDAL_PORT LDAP MYSQL \
  		PGSQL UNIXODBC FIREBIRD PERL PYTHON OCI8 RUBY DHCP \
 -		EXPERIMENTAL UDPFROMTO DEVELOPER EDIR
 +		EXPERIMENTAL UDPFROMTO DEVELOPER EDIR SSL_PORT
  OPTIONS_DEFAULT=USER PERL PYTHON
  
  DHCP_DESC=		With DHCP support (EXPERIMENTAL)
 @@ -52,6 +52,7 @@ EXPERIMENTAL_DESC=	Build experimental mo
  UDPFROMTO_DESC=		Compile in UDPFROMTO support
  DEVELOPER_DESC=		Enable developer options
  EDIR_DESC=		Enable eDirectory support (implies LDAP)
 +SSL_PORT_DESC=		Use OpenSSL from the ports collection
  
  NO_STAGE=	yes
  .include <bsd.port.options.mk>
 @@ -256,6 +257,10 @@ CFLAGS!=	${ECHO} ${CFLAGS} | ${SED} -Ee 
  CONFIGURE_ARGS+=--with-udpfromto
  .endif
  
 +.if ${PORT_OPTIONS:MSSL_PORT}
 +WITH_OPENSSL_PORT=yes
 +.endif
 +
  .include <bsd.port.pre.mk>
  
  .if ${ARCH} == "sparc64" && ${OSVERSION} < 700000
 
 Modified: head/net/freeradius3/Makefile
 ==============================================================================
 --- head/net/freeradius3/Makefile	Mon Oct 14 20:56:34 2013	(r330360)
 +++ head/net/freeradius3/Makefile	Mon Oct 14 21:00:29 2013	(r330361)
 @@ -42,7 +42,7 @@ PLIST_SUB=	PORTVERSION=${DISTVERSION} LI
  OPTIONS_DEFINE=	USER KERBEROS HEIMDAL HEIMDAL_PORT LDAP MYSQL \
  		PGSQL UNIXODBC FIREBIRD REDIS PYTHON RUBY DHCP \
  		EXPERIMENTAL UDPFROMTO DEVELOPER EDIR PERL REST \
 -		FREETDS IDN
 +		FREETDS IDN SSL_PORT
  OPTIONS_DEFAULT=USER PERL
  
  DHCP_DESC=		With DHCP support (EXPERIMENTAL)
 @@ -56,6 +56,7 @@ UDPFROMTO_DESC=		Compile in UDPFROMTO su
  DEVELOPER_DESC=		Enable developer options
  EDIR_DESC=		Enable eDirectory support (implies LDAP)
  REST_DESC=		Enable RESTful API support
 +SSL_PORT_DESC=		Use OpenSSL from the ports collection
  
  NO_STAGE=	yes
  
 @@ -312,6 +313,10 @@ CONFIGURE_ARGS+=--quiet
  CONFIGURE_ARGS+=--with-udpfromto
  .endif
  
 +.if ${PORT_OPTIONS:MSSL_PORT}
 +WITH_OPENSSL_PORT=yes
 +.endif
 +
  .include <bsd.port.pre.mk>
  
  # if we're installing, place sample configs into ${EXAMPLESDIR}
 _______________________________________________
 svn-ports-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-ports-all
 To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
 
>Unformatted:
