[kde-freebsd] [Fwd: Re: Konqueror errors]

Michael Nottebrock lofi at freebsd.org
Fri Apr 6 19:53:29 CEST 2007


David Johnson wrote:
> On Friday 06 April 2007 02:48, Michael Nottebrock wrote:
>> Looks to me like the openssl scenario explained in the posts I mentioned
>> after all.
>>
>> To cut the resumes of the resumes even shorter, make sure you don't ever
>> wind up with a ports-installed openssl unless you completely delete the
>> base-system openssl (and in case you're wondering: Making sure of
>> keeping
>> ports-openssl out is much easier than getting rid of the base system
>> openssl and replacing everything that depends on it with ports - see the
>> threads I linked to for helpful make.conf switches etc).
>
> I know you sent me links with this info in it, but it turned out to be
> hidden
> in the tenth paragraph of the fourth message of the first thread. Maybe
> this
> information should be in the FAQ?

I did say "and followups" :)

This latest resurfacing of that problem really does make it a FAQ though,
yes.

> The larger problem here isn't Konqueror, it's ports that have dependencies
> on
> the openssl port.

The problem is complex - for one thing KDE's way of using openssl is
rather special, as it dlopen()'s most (but not all!) of the openssl
libraries at runtime and does rather funky magic in order to be compatible
even with openssl releases dating back years. That works rather fine on
systems where only one openssl is ever installed and prevents users on
those systems from having to recompile/update KDE when openssl is updated.

Unfortunately, FreeBSD is, once again, also rather special and ships
openssl both in the base system and in ports and does not prevent users
from installing both, despite the fact that openssl itself makes no
special effort to support that kind of configuration.

Now when everything goes wrong, the openssl version in the base system is
binary-incompatible with the one installed from ports, KDE is linked with
the one from ports, but dlopen() uses the one from the base system because
that comess up first in the library search path - then the crashes start.

> If installing openssl is going to break everything, then
> other ports should not have it as a dependency.

The USE_OPENSSL macro from ports tries to be smart and will do different
things depending on what is installed. If an openssl port is installed, it
will trigger dependencies on that port. If no openssl port is installed,
it will not, except a port requests the version from ports (some ports do,
usually without good reason).

Fortunately, there are also user-definable switches which will override
the 'smart' decisions of USE_OPENSSL, setting

WITH_OPENSSL_BASE= YES

in /etc/make.conf does a good job keeping the openssl port off the
harddisk and getting everything linked with the base system openssl.

-- 
   ,_,   | Michael Nottebrock               | lofi at freebsd.org
 (/^ ^\) | FreeBSD - The Power to Serve     | http://www.freebsd.org
   \u/   | K Desktop Environment on FreeBSD | http://freebsd.kde.org


More information about the kde-freebsd mailing list