Proper format for entry in "make.conf" - openssl

First the environment;
Code:
Copyright (c) 1992-2016 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 10.3-RELEASE-p7 #0: Thu Aug 11 18:38:15 UTC 2016
    root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
FreeBSD clang version 3.4.1 (tags/RELEASE_34/dot1-final 208032) 20140512
CPU: AMD FX(tm)-4130 Quad-Core Processor             (3817.48-MHz K8-class CPU)
  Origin="AuthenticAMD"  Id=0x600f12  Family=0x15  Model=0x1  Stepping=2
  Features=0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT>
  Features2=0x1e98220b<SSE3,PCLMULQDQ,MON,SSSE3,CX16,SSE4.1,SSE4.2,POPCNT,AESNI,XSAVE,OSXSAVE,AVX>
  AMD Features=0x2e500800<SYSCALL,NX,MMX+,FFXSR,Page1GB,RDTSCP,LM>
  AMD Features2=0x1c9bfff<LAHF,CMP,SVM,ExtAPIC,CR8,ABM,SSE4A,MAS,Prefetch,OSVW,IBS,XOP,SKINIT,WDT,LWP,FMA4,NodeId,Topology,PCXC,PNXC>
  SVM: NP,NRIP,VClean,AFlush,DAssist,NAsids=65536
  TSC: P-state invariant, performance statistics
real memory  = 8589934592 (8192 MB)
avail memory = 8225198080 (7844 MB)
I have a small problem with error messages using portmaster. Ports appear to upgrade and run correct. I can't find a fix that works for the following;

This the version of openssl that is installed on my system from pkg info.
openssl-1.0.2j,1 SSL and crypto library

When I run portmaster on some ports I get this warning message.
Code:
/!\ WARNING /!\
You have security/openssl installed but do not have DEFAULT_VERSIONS+=ssl=openssl set in your make.conf
If I put the following in /etc/make.conf:
Code:
DEFAULT_VERSIONS+=ssl=openssl-1.0.2j,1

I get this message
Code:
make: "/usr/ports/Mk/Uses/ssl.mk" line 95: You are using an unsupported SSL provider openssl-1.0.2j,1

If I set the default to the base I get this error
Code:
Dependency error: This port wants the OpenSSL library from the FreeBSD
base system. You can't build against it, while a newer
version is installed by a port.
Please deinstall the port, remove DEFAULT_VERSIONS=ssl=base or undefine WITH_OPENSSL_BASE.
*** Error code 1

If I try to deinstall openssl it wants to delete a very large number of ports. It would take a huge effort to every thing back.

Does anybody know what I am doing wrong? I don't know what I am doing with this. What is the syntax for the needed entry?

Thanks!
 
From /usr/ports/UPDATING:

Code:
20160616:
  AFFECTS: users of security/openssl*, security/libressl*
  AUTHOR: mat@FreeBSD.org

  Previously, to tell the ports tree, you needed to set:

  WITH_OPENSSL_PORT=yes

  And if you wanted a port that was not security/openssl, you needed to add,
  for example:

  OPENSSL_PORT= security/libressl

  Now, all you need to do is:

  DEFAULT_VERSIONS+=  ssl=libressl

  Valid values are base, openssl, openssl-devel, libressl, and libressl-devel.

So to use the Ports version of OpenSSL, here is the format of the line to include in /etc/make.conf:

Code:
DEFAULT_VERSIONS+=ssl=openssl
 
From /usr/ports/UPDATING:

Code:
20160616:
  AFFECTS: users of security/openssl*, security/libressl*
  AUTHOR: mat@FreeBSD.org

  Previously, to tell the ports tree, you needed to set:

  WITH_OPENSSL_PORT=yes

  And if you wanted a port that was not security/openssl, you needed to add,
  for example:

  OPENSSL_PORT= security/libressl

  Now, all you need to do is:

  DEFAULT_VERSIONS+=  ssl=libressl

  Valid values are base, openssl, openssl-devel, libressl, and libressl-devel.

So to use the Ports version of OpenSSL, here is the format of the line to include in /etc/make.conf:

Code:
DEFAULT_VERSIONS+=ssl=openssl

Thanks! I thought I had tried that at one time. I will give it a try on the next group of port update and see whats happens.
 
Have a look at /usr/ports/Mk/bsd.default-versions.mk if you're having problems setting a default. Stuff gets added there all the time and I regularly have to lookup the exact syntax. The SSL specific bits:
Code:
# Possible values: base, openssl, openssl-devel, libressl, libressl-devel
These refer to the base OpenSSL, security/openssl, security/openssl-devel, security/libressl and security/libressl-devel.

Note that some ports require additional options to be set/unset in order to build against a specific SSL library. For example, building ftp/curl requires you to unset TLS_SRP if you build against LibreSSL or you'll run into build failures.
 
Back
Top