# updating libressl dependent ports



## brunoschwartz (Apr 14, 2017)

Hello,

Recently I have updated the libressl port from 2.4.5 to 2.5.3. /usr/ports/UPDATING says the dependent packages should be manually updated with

`portmaster -r libressl`

When I run it I get the following error:

```
===>>> Working on:
        libressl-2.5.3

===>>> Gathering distinfo list for installed ports


===>>> libressl-2.5.3 1/1

===>>> Currently installed version: libressl-2.5.3
===>>> Port directory: /usr/ports/security/libressl

===>>> Launching 'make checksum' for security/libressl in background
===>>> Gathering dependency list for security/libressl from ports
===>>> Initial dependency check complete for security/libressl


===>>> Checking ports that depend on libressl-2.5.3

===>>> Launching child to reinstall python27-2.7.13_1

===>>> Checking dependent ports >> python27-2.7.13_1 (1/1)

===>>> Currently installed version: python27-2.7.13_1
===>>> Port directory: /usr/ports/lang/python27

===>>> Launching 'make checksum' for lang/python27 in background
===>>> Gathering dependency list for lang/python27 from ports
===>>> Initial dependency check complete for lang/python27

===>>> Returning to list of ports depending on libressl-2.5.3
===>>> Launching child to reinstall cyrus-sasl-2.1.26_12

===>>> Checking dependent ports >> cyrus-sasl-2.1.26_12 (2/2)

===>>> Currently installed version: cyrus-sasl-2.1.26_12
===>>> Port directory: /usr/ports/security/cyrus-sasl2

===>>> Launching 'make checksum' for security/cyrus-sasl2 in background
===>>> Gathering dependency list for security/cyrus-sasl2 from ports
===>>> Initial dependency check complete for security/cyrus-sasl2

===>>> Returning to list of ports depending on libressl-2.5.3
===>>> Launching child to reinstall openldap-sasl-client-2.4.44

===>>> Checking dependent ports >> openldap-sasl-client-2.4.44 (3/3)

===>>> Currently installed version: openldap-sasl-client-2.4.44
===>>> Port directory: /usr/ports/net/openldap24-sasl-client

===>>> Launching 'make checksum' for net/openldap24-sasl-client in background
===>>> Gathering dependency list for net/openldap24-sasl-client from ports
===>>> Initial dependency check complete for net/openldap24-sasl-client

===>>> Returning to list of ports depending on libressl-2.5.3
===>>> Launching child to reinstall openldap-sasl-server-2.4.44

===>>> Checking dependent ports >> openldap-sasl-server-2.4.44 (4/4)

===>>> Currently installed version: openldap-sasl-server-2.4.44
===>>> Port directory: /usr/ports/net/openldap24-server

        ===>>> This port is marked IGNORE
        ===>>> cannot install: OpenLDAP versions mismatch: openldapShared object "libssl.so.39" not found, required by "ldapwhoami"-client is installed and wanted version is openldap24-client


        ===>>> If you are sure you can build it, remove the
               IGNORE line in the Makefile and try again.

===>>> Update for openldap-sasl-server-2.4.44 failed
===>>> Aborting update
```

I am a newbie but searched around without finding a solution.
The new libressl provides libssl.so.43, how can this be served to the port specifically?
Of note is that not all the dependent packages have this problem, only openldap and dovecot related ones.

Regards,

B


----------



## SirDice (Apr 14, 2017)

Make sure you have this in /etc/make.conf:

```
DEFAULT_VERSIONS+= ssl=libressl
```
This will make sure ports are built against libressl instead of the base OpenSSL. And because you have OpenLDAP with SASL enabled you'll need this in make.conf too:

```
WANT_OPENLDAP_SASL=yes
```
Or else you're going to have conflicts with openldap-{client,server} and openldap-sasl-{client,server}.


----------



## brunoschwartz (Apr 14, 2017)

SirDice,

Thank you for your prompt response.

This is in the /etc/make.conf


```
DEFAULT_VERSIONS=ssl=libressl
```

It has been there from before the upgrade.


----------



## brunoschwartz (Apr 14, 2017)

I just noticed you have + sign after default_versions and I don't. Is it of any significance?


----------



## SirDice (Apr 14, 2017)

Yes, the difference is that mine _adds_ to DEFAULT_VERSIONS, while yours _sets_ it. But if you have no other DEFAULT_VERSIONS lines it shouldn't matter.


----------



## brunoschwartz (Apr 14, 2017)

Hello SirDice,

I added 
	
	



```
WANT_OPENLDAP_SASL=yes
```
into the /etc/make.conf

It still gives the same error. Hmm..


----------



## SirDice (Apr 14, 2017)

Try rebuilding net/openldap24-sasl-client first. It seems that's broken right now and it's causing everything else to fail.


----------



## brunoschwartz (Apr 14, 2017)

Thanks.

What command should I use to rebuild it? I don't want to break anything else.


----------



## SirDice (Apr 14, 2017)

`cd /usr/ports/net/openldap24-sasl-client && make reinstall` should cover it.


----------



## brunoschwartz (Apr 14, 2017)

Thanks SirDice, that worked. I ran into some other problem after that but it is all sorted now. Thanks for your help.


----------

