Bug 357569 - net-dns/bind-9.8.0 bad ssl/gost logic
Summary: net-dns/bind-9.8.0 bad ssl/gost logic
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server
Hardware: All Linux
Importance: High normal
Assignee: BIND Maintainers (DISABLED)
Reported: 2011-03-05 21:10 UTC by Duncan
Modified: 2011-03-10 17:06 UTC
Description Duncan 2011-03-05 21:10:08 UTC
The openssl/gost logic in bind-9.8.0.ebuild is screwed up:

src_install(), on line 235:

if use ssl -a -e /usr/lib/engines/libgost.so; then

1) You are using hard-coded /usr/lib/ instead of get_libdir or the like, from the multilib eclass.  (This likely applies elsewhere in the ebuild... pkg_config on line 347, etc, and initscripts as well.)

2) Regardless, I build openssl with USE=bindist so don't have libgost.so anywhere (the openssl build logic forces it off if elliptic curve is off, which it is due to USE=bindist), yet I end up with OPENSSL_LIBGOST=1 in /etc/init.d/named.

If I'm not mistaken, that -a should be &&.  Think about it.  As is, bash will parse -a -e ... as part of the use ssl commandline, not as a shell AND construct.

3) It seems to me that in the initscript, OPENSSL_LIBGOST=0 should always be the default.  The setting should then be exposed in the conf.d/named file, with the ebuild setting the as-installed default there.  (IOW, the line 235+ if/seds should refer to an entry in "${D}/etc/conf.d/named" instead, with the initscript always defaulting to 0 for that setting, which AFAIK it already does if that line explicitly setting it is taken out due to the ${OPENSSL_LIBGOST:-0} logic.)
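
Added example (not part of the original report and not the ebuild's code): the `-a` versus `&&` difference from point 2 and the `${OPENSSL_LIBGOST:-0}` default from point 3, made reproducible. The `use` function here is a simplified stand-in for Portage's helper, assumed to look only at its first argument; `USE_FLAGS`, the `gost_*` function names and the sample path are hypothetical.

```bash
#!/bin/sh
# Constructed demo state: the USE flags considered enabled.
USE_FLAGS="ssl"

# Simplified stand-in for Portage's `use` (assumption: only $1 is examined).
# Extra arguments are silently ignored, which is why the bug goes unnoticed.
use() {
    case " ${USE_FLAGS} " in
        *" $1 "*) return 0 ;;
        *)        return 1 ;;
    esac
}

# Buggy form from the report: `-a -e PATH` are passed to `use` as plain
# arguments, so no file-existence test is ever performed.
gost_buggy() {
    if use ssl -a -e "$1"; then echo 1; else echo 0; fi
}

# Corrected form: `&&` chains two commands and `[ -e ]` does the file test.
gost_fixed() {
    if use ssl && [ -e "$1" ]; then echo 1; else echo 0; fi
}

# Init-script side (point 3): a value set in conf.d wins, otherwise 0.
gost_effective() {
    echo "${OPENSSL_LIBGOST:-0}"
}

# Constructed path that does not exist, like libgost.so with USE=bindist.
demo_path="/nonexistent/engines/libgost.so"
echo "buggy=$(gost_buggy "$demo_path") fixed=$(gost_fixed "$demo_path")"
```

With the engine file absent, the buggy form still reports 1 whenever the ssl flag is set, which matches the OPENSSL_LIBGOST=1 the reporter found in the installed init script.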
Comment 1 Christian Ruppert (idl0r) gentoo-dev 2011-03-10 17:06:49 UTC
(In reply to comment #0)
> The openssl/gost logic in bind-9.8.0.ebuild is screwed up:
> 
> src_install(), on line 235:
> 
> if use ssl -a -e /usr/lib/engines/libgost.so; then
> 
> 1) You are using hard-coded /usr/lib/ instead of get_libdir or the like, from
> the multilib eclass.  (This likely applies elsewhere in the ebuild...
> pkg_config on line 347, etc, and initscripts as well.)
> 

Right, I use get_libdir to check if we have lib64 or not.
If lib64 then it'll create /usr/lib64 and also a symlink /usr/lib -> lib64
else
/usr/lib only. This makes sure /usr/lib is always there and always valid to use as there is no get_libdir available for init scripts and it's IMO not worth cloning the get_libdir function for it.

> 2) Regardless, I build openssl with USE=bindist so don't have libgost.so
> anywhere (the openssl build logic forces it off if elliptic curve is off, which
> it is due to USE=bindist), yet I end up with OPENSSL_LIBGOST=1 in
> /etc/init.d/named.
> 
> If I'm not mistaken, that -a should be &&.  Think about it.  As is, bash will
> parse -a -e ... as part of the use ssl commandline, not as a shell AND
> construct.
>

This has been fixed now, thanks. Re-sync in 1-2 hours and try again :)

> 3) It seems to me that in the initscript, OPENSSL_LIBGOST=0 should always be
> the default.  The setting should then be exposed in the conf.d/named file, with
> the ebuild setting the as-installed default there.  (IOW, the line 235+ if/seds
> should refer to an entry in "${D}/etc/conf.d/named" instead, with the initscript
> always defaulting to 0 for that setting, which AFAIK it already does if that
> line explicitly setting it is taken out due to the ${OPENSSL_LIBGOST:-0}
> logic.)

I'll leave it auto detected by default but I improved this part a bit so that you're able to set OPENSSL_LIBGOST yourself in /etc/conf.d/named anyway.