1 |
On Tue, Dec 29, 2020 at 2:47 PM Peter Stuge <peter@×××××.se> wrote: |
2 |
> |
3 |
> Andreas K. Huettel wrote: |
4 |
> > > I agree completely that it's unreasonable for Gentoo (worse, 1 person!) |
5 |
> > > to continuosly patch the entire world for libressel. |
6 |
> > > |
7 |
> > > I'm asking to stop doing that, yet still enable the choice between |
8 |
> > > openssl and libressl where that is possible without patches, even |
9 |
> > > if that's only openntpd and one other package. |
10 |
> > |
11 |
> > a) The two cannot be installed concurrently. To fix that would require even |
12 |
> > more hacks. |
13 |
> |
14 |
> As we've discussed in another part of the thread, that's not really true. |
15 |
> Both can for sure be installed, just not in the same place and/or |
16 |
> with same names. |
17 |
> |
18 |
> |
19 |
> > -> all relevant ssl consumers on the user's system must be linked against |
20 |
> > the one selected |
21 |
> |
22 |
> Also not the case. Considering the two installed in different paths |
23 |
> with same names it's still easy for consumers to use one or the other |
24 |
> with -rpath at link time. |
25 |
> |
26 |
> |
27 |
> I do agree that the two are not always 1:1 replacements for each other. |
28 |
> If they are API incompatible somewhere then for sure not. |
29 |
> |
30 |
> I think many mails in this thread suffer from some tunnel vision, expecting |
31 |
> that a libressl ebuild in the tree must continue to work exactly like the |
32 |
> openssl ebuild - I'm saying to stop that but do keep a libressl ebuild. |
33 |
|
34 |
If they suffer from tunnel vision, it's because the intersection of |
35 |
"people who care about libressl" and "people who have patches in |
36 |
gentoo.git" is the empty set. |
37 |
|
38 |
I think we all understand your points: libressl could be kept in-tree |
39 |
and allow people to play with it. Unfortunately that requires much |
40 |
more work than removing it, and I haven't seen evidence that you're |
41 |
prepared to contribute to the required effort. |
42 |
|
43 |
I don't think you're going to convince a bunch of people with little |
44 |
interest in libressl per se to continue allowing the extra burden |
45 |
unless you do the work that's needed to keep it in-tree (e.g., to |
46 |
allow it to be installed beside openssl). They're not interested. |