1 |
On Fri, 18 Jan 2019 23:31:39 +0000 |
2 |
"Robin H. Johnson" <robbat2@g.o> wrote: |
3 |
|
4 |
> > So apparently 14.2% of dependencies allow any slot of OpenSSL which is |
5 |
> > most likely wrong, and 1.4% explicitly claim that's what the package |
6 |
> > wants. This could be valid only if e.g. the package supported multiple |
7 |
> > ABIs of OpenSSL libraries and used dlopen() with a few possible SONAMEs |
8 |
> > which I honestly doubt any of those packages is doing. |
9 |
> |
10 |
> There's a valid case for accepting ANY openssl: tooling that explicitly |
11 |
> calls the binary tools provided by OpenSSL, and does link or dlopen any |
12 |
> of the openssl libraries. |
13 |
|
14 |
The binary-only SLOTs don't include those tools because they would |
15 |
conflict. Library-only is a more accurate term. |
16 |
|
17 |
-- |
18 |
James Le Cuirot (chewi) |
19 |
Gentoo Linux Developer |