Opened 10 years ago
Last modified 8 months ago
#44765 new enhancement
freetds: Add openssl variant
| Reported by: | jprosser (Justin Prosser) | Owned by: | macports-tickets@… |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | |
| Keywords: | Cc: | ||
| Port: | freetds |
Description
Please add SSL support to the Freetds port (see patch).
Attachments (4)
Change History (11)
Changed 10 years ago by jprosser (Justin Prosser)
| Attachment: | Portfile-freetds.diff added |
|---|
comment:1 follow-up: 2 Changed 10 years ago by mf2k (Frank Schima)
I'm not a fan of making this a variant. Why not make this always on? Especially considering that this in a security issue.
comment:2 Changed 10 years ago by jprosser (Justin Prosser)
Replying to mf2k@…:
My thinking was just providing options, given the state of SSL and various alternatives post Heartbleed (though I have no idea what Macports with say, LibreSSL, looks like). I just needed to connect to SQL Server, so added this variant.
comment:3 Changed 10 years ago by mf2k (Frank Schima)
Right now, LibreSSL does not exist in Macports. The request for it is #44313.
comment:4 Changed 10 years ago by jprosser (Justin Prosser)
Ok, so I tried adding in a GnuTLS variant which worked after fixing a linking failure by modifying the configure script to pull in the gcrypt library (CPPFLAGS and NETWORK_LIBS). I don't have a preference on variants vs choosing one or the other.
comment:5 follow-up: 7 Changed 10 years ago by ryandesign (Ryan Carsten Schmidt)
We have other ports offering both openssl and gnutls variants. We could do that here, even make one of them the default. Which one we choose as default might depend on which of them results in a distributable binary, in the event that only one of them does.
comment:6 Changed 10 years ago by jprosser (Justin Prosser)
I've found that the needed changes to get GnuTLS working exists in the configure script from Freetds-dev.0.92.812 (so this could be considered a backport, I suppose). With that in place the two variants work for me, so i'll upload those two patch files to this ticket.
File summary: Portfile-freetds.diff is just the OpenSSL variant, nothing else needed as far as I know
the two newer patches add variants OpenSSL and GnuTLS with the needed configure script change (this fully replaces the first Portfile-freetds.diff with the addition of GnuTLS).
Changed 10 years ago by jprosser (Justin Prosser)
| Attachment: | patch-configure.diff added |
|---|
Changed 10 years ago by jprosser (Justin Prosser)
| Attachment: | Portfile-freetds_gnu.diff added |
|---|
adds both GnuTLS and OpenSSL variants
Changed 8 years ago by dshills@…
| Attachment: | Portfile-freetds.2.diff added |
|---|
Changed TDS version from 8.0 to 7.3 per documentation http://www.freetds.org/userguide/choosingtdsprotocol.htm#TAB.PROTOCOL.BY.PRODUCT
comment:7 Changed 8 months ago by ryandesign (Ryan Carsten Schmidt)
| Summary: | freetds openssl variant → freetds: Add openssl variant |
|---|
Replying to ryandesign:
We have other ports offering both openssl and gnutls variants. We could do that here, even make one of them the default. Which one we choose as default might depend on which of them results in a distributable binary, in the event that only one of them does.
When updating the port to 1.00.1 I added the openssl dependency but that made the port nondistributable. When updating the port to 1.2.3 I switched it to gnutls to avoid that. Variants could still be added to allow the user to choose openssl instead of gnutls if there is a strong desire for that.
Changed TDS version from 8.0 to 7.3 per documentation http://www.freetds.org/userguide/choosingtdsprotocol.htm#TAB.PROTOCOL.BY.PRODUCT
That was handled in #51636.
freetds variant addition