Use OpenSSL 1.1.1 code path that uses SSL_CTX_up_ref() instead of
handrolling it. This way mosquitto will continue to build after
an upcoming libssl bump.
file when running as a daemon (in /var/run/mosquitto.pid). in 2.x priv
dropping was changed to do less before dropping privs and this no longer
works. found by patrick@
if a port needs 2.x then set MODPY_VERSION=${MODPY_DEFAULT_VERSION_2}.
This commit doesn't change any versions currently used; it may be that
some ports have MODPY_DEFAULT_VERSION_2 but don't require it, those
should be cleaned up in the course of updating ports where possible.
Python module ports providing py3-* packages should still use
FLAVOR=python3 so that we don't have a mixture of dependencies some
using ${MODPY_FLAVOR} and others not.
some existing COMPILER lines with arch restrictions etc. In the usual
case this is now using "COMPILER = base-clang ports-gcc base-gcc" on
ports with c++ libraries in WANTLIB.
This is basically intended to be a noop on architectures using clang
as the system compiler, but help with other architectures where we
currently have many ports knocked out due to building with an unsuitable
compiler -
- some ports require c++11/newer so the GCC version in base that is used
on these archirtectures is too old.
- some ports have conflicts where an executable is built with one compiler
(e.g. gcc from base) but a library dependency is built with a different
one (e.g. gcc from ports), resulted in mixing incompatible libraries in the
same address space.
devel/gmp is intentionally skipped as it's on the path to building gcc -
the c++ library there is unused in ports (and not built by default upstream)
so intending to disable building gmpcxx in a future commit.
it's recommended users update as quickly as possible to prevent a
malicious user from triggering the issue and causing the server to
go offline.
note this does not affect mosquitto 1.4.x which is available on
OPENBSD_6_3.
thanks to upstream mosquitto for the heads-up
