1 |
Anthony G. Basile: |
2 |
> On 01/23/15 00:56, Michał Górny wrote: |
3 |
>> Dnia 2015-01-23, o godz. 01:51:24 |
4 |
>> hasufell <hasufell@g.o> napisał(a): |
5 |
>> |
6 |
>>> Regarding the last libav discussion I think we should also go with a |
7 |
>>> "libressl" USE flag instead of creating a virtual that makes handling |
8 |
>>> SUBSLOTs impossible. |
9 |
>> If libressl and openssl would have matching ABIs, that wouldn't be |
10 |
>> necessary and you could what virtual/libudev does, i.e. explicit |
11 |
>> subslot deps. |
12 |
>> |
13 |
> *if* I'm not sure they will even though that's the plan. If you look |
14 |
> in the libressl overlay, you'll see lots of patches to make big ticket |
15 |
> items like apache play nice with libressl. These patches involve things |
16 |
> like |
17 |
> |
18 |
> +#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN |
19 |
> int SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, |
20 |
> pem_password_cb *); |
21 |
> +#else |
22 |
> + int _SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, |
23 |
> pem_password_cb *); |
24 |
> +#endif |
25 |
> |
26 |
> which points to the differences in functions are being exported by the |
27 |
> two. This makes me lean towards a USE flag which can also be tied to |
28 |
> applying patches rather than a virtual which is better suited for simple |
29 |
> drop in substitutions. |
30 |
> |
31 |
|
32 |
The problem I see now is that people will have a hard time to actually |
33 |
switch, because unlike gnutls we cannot have openssl and libressl be |
34 |
installed at the same time. |
35 |
|
36 |
For people to be able to switch we'd have to add libressl USE flags |
37 |
everywhere, even if we don't know if it builds. |