Gentoo Archives: gentoo-dev

From: "Paul B. Henson" <henson@×××.org>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] libressl status
Date: Thu, 02 Apr 2015 23:49:32
1 What is the current status/thoughts regarding libressl? Reviewing the
2 bug and some past threads, it sounds like the initial plan was to make
3 openssl a virtual and let either classic openssl or libressl fulfull it?
4 I'm not sure if things have changed from that viewpoint, but it really
5 doesn't seem they're going to be plug and play compatible 8-/. libressl
6 offers functionality openssl doesn't and vice versa, and playing nicely
7 with each other doesn't seem to be on the agenda of either. It seems it
8 might make more sense to treat them more like openssl and gnutls, where
9 they both provide similar ssl functionality but a given package might
10 use one, the other, or either?
12 The specific reason for my current inquiry is that the latest openntpd
13 release includes the new support from openbsd for "constraints", where
14 basically you can verify ntp time sources by checking their time
15 relative to a trusted TLS server (which provides the time in HTTP
16 headers). This functionality requires libtls, part of libressl. openssl
17 provides no compatible functionality, so this is a case where they're
18 not plug-and-play, openntpd requires libressl specifically.
20 Thanks...


Subject Author
Re: [gentoo-dev] libressl status "Hanno Böck" <hanno@g.o>
Re: [gentoo-dev] libressl status hasufell <hasufell@g.o>
Re: [gentoo-dev] libressl status hasufell <hasufell@g.o>