It looks like Apple removed the OpenSSL headers with El Capitan (OS X
10.11), and now Bro fails to build on OS X. Apple's recommendation is
that we either include a copy of OpenSSL ourselves or we use their
Secure Transport API.
The installation instructions are in the Bro Manual though, and hence an update will only affect the development version and not the version people are likely to visit if they are using 2.4.x, right?
Is there a way we can update the release version of the bro manual without making a new release? Or should we put a note somewhere else about the 2.4.x + Mac OS 10.11 + Homebrew problem?
Right, ideally we avoid a new release, because it's not really a Bro bug.
In my opinion, it suffices to update the 2.4.1 manual and mention how to use `--with-openssl` with Homebrew and El Capitan. Jon & Vlad have already fixed the issue for the next release.
- one more small question:
in your branch, you use the ports,brew,find binaries to find the path. Would it make sense to still, in addition, hardcode /opt/local, /usr/local and /sw just in case there are more people like me who, e.g., do not have the commands in their default search path?
If that is ok, I will just do that during merging. At least at the moment I am hard pressed to come up with a disadvantage to this.
- Sure, that's a good idea. Is it reasonable to add those to the end of the search paths, in that case, though? I'm worried about the case where, for example, I have an old OpenSSL floating around and that will get picked up first. (I haven't checked to see exactly in what order it would get added).
Yup, that actually was my plan . Thanks.