Postfix Port -- OpenSSL Issues

Jay Chandler lists at
Tue Sep 18 17:12:42 PDT 2007

Daniel J. Luke wrote:
> On Sep 18, 2007, at 5:03 PM, Jay Chandler wrote:
>> Daniel J. Luke wrote:
>>> On Sep 18, 2007, at 2:05 PM, Jay Chandler wrote:
>>>> The bug only manifests itself when using TLS-- unfortunately, since 
>>>> I'm a paranoid type I require TLS on my private stuff, so getting 
>>>> it working is going to definitely be a challenge.  I'm afraid I'll 
>>>> have to deconstruct the port and go line by line through the source 
>>>> to figure out where it's making OpenSSL calls...
>>> It's mostly likely a problem with how the build is set up (ie, 
>>> postfix is using the OpenSSL include files from one location and the 
>>> libraries from another). You can use otool -L to figure out which 
>>> library it is linking against (and correct it to the macports 
>>> provied OpenSSL if necessary), but it may be a little more difficult 
>>> to determine which incorrect headers it is using while building.
>>> Good luck!
>> I'm not entirely sure how to add in the proper locations here-- I'm 
>> not much of a programmer yet...
> The "official" way to do this is to do something like:
> make makefiles CCARGS="-I/opt/local/include -DUSE_TLS -DUSE_SASL_AUTH" 
> AUXLIBS="-L/opt/local/lib -lssl -lcrypto"
> The current Portfile does this, but it adds the -I and -L options to 
> the end of the variable, which may make a difference?
>> Obviously the correct path to include is /opt/local/usr/lib and 
>> /opt/local/usr/include, but the trick becomes how to insert it.
> The correct paths are ${prefix}/lib and ${prefix}/include
> where ${prefix} is usually (but not always) /opt/local

After an afternoon of experimenting:

Downloading the source tarball and running a

-I/opt/local/include/sasl -I/opt/local/include" 
AUXLIBS="-L/opt/local/lib -R/opt/local/lib -L/opt/local/lib -lsasl2 
-lssl -lcrypto"; make; make install
was all it took.  Obviously /opt is the root when prompted, the rest is 
default.  It also requires SASL and OpenSSL as dependencies, but I had 
them hanging around from earlier.

Now, converting that to a Portfile is going to be interesting, but the 
SASL and TLS functionality works perfectly!

Jay Chandler / KB1JWQ
Living Legend / Systems Exorcist
Today's Excuse: Plasma conduit breach

More information about the macports-users mailing list