| 1 |
On Tue, Dec 29, 2020 at 2:47 PM Peter Stuge <peter@×××××.se> wrote: |
| 2 |
> |
| 3 |
> Andreas K. Huettel wrote: |
| 4 |
> > > I agree completely that it's unreasonable for Gentoo (worse, 1 person!) |
| 5 |
> > > to continuosly patch the entire world for libressel. |
| 6 |
> > > |
| 7 |
> > > I'm asking to stop doing that, yet still enable the choice between |
| 8 |
> > > openssl and libressl where that is possible without patches, even |
| 9 |
> > > if that's only openntpd and one other package. |
| 10 |
> > |
| 11 |
> > a) The two cannot be installed concurrently. To fix that would require even |
| 12 |
> > more hacks. |
| 13 |
> |
| 14 |
> As we've discussed in another part of the thread, that's not really true. |
| 15 |
> Both can for sure be installed, just not in the same place and/or |
| 16 |
> with same names. |
| 17 |
> |
| 18 |
> |
| 19 |
> > -> all relevant ssl consumers on the user's system must be linked against |
| 20 |
> > the one selected |
| 21 |
> |
| 22 |
> Also not the case. Considering the two installed in different paths |
| 23 |
> with same names it's still easy for consumers to use one or the other |
| 24 |
> with -rpath at link time. |
| 25 |
> |
| 26 |
> |
| 27 |
> I do agree that the two are not always 1:1 replacements for each other. |
| 28 |
> If they are API incompatible somewhere then for sure not. |
| 29 |
> |
| 30 |
> I think many mails in this thread suffer from some tunnel vision, expecting |
| 31 |
> that a libressl ebuild in the tree must continue to work exactly like the |
| 32 |
> openssl ebuild - I'm saying to stop that but do keep a libressl ebuild. |
| 33 |
|
| 34 |
If they suffer from tunnel vision, it's because the intersection of |
| 35 |
"people who care about libressl" and "people who have patches in |
| 36 |
gentoo.git" is the empty set. |
| 37 |
|
| 38 |
I think we all understand your points: libressl could be kept in-tree |
| 39 |
and allow people to play with it. Unfortunately that requires much |
| 40 |
more work than removing it, and I haven't seen evidence that you're |
| 41 |
prepared to contribute to the required effort. |
| 42 |
|
| 43 |
I don't think you're going to convince a bunch of people with little |
| 44 |
interest in libressl per se to continue allowing the extra burden |
| 45 |
unless you do the work that's needed to keep it in-tree (e.g., to |
| 46 |
allow it to be installed beside openssl). They're not interested. |
Archives