| 1 |
Anthony G. Basile: |
| 2 |
> On 01/23/15 00:56, Michał Górny wrote: |
| 3 |
>> Dnia 2015-01-23, o godz. 01:51:24 |
| 4 |
>> hasufell <hasufell@g.o> napisał(a): |
| 5 |
>> |
| 6 |
>>> Regarding the last libav discussion I think we should also go with a |
| 7 |
>>> "libressl" USE flag instead of creating a virtual that makes handling |
| 8 |
>>> SUBSLOTs impossible. |
| 9 |
>> If libressl and openssl would have matching ABIs, that wouldn't be |
| 10 |
>> necessary and you could what virtual/libudev does, i.e. explicit |
| 11 |
>> subslot deps. |
| 12 |
>> |
| 13 |
> *if* I'm not sure they will even though that's the plan. If you look |
| 14 |
> in the libressl overlay, you'll see lots of patches to make big ticket |
| 15 |
> items like apache play nice with libressl. These patches involve things |
| 16 |
> like |
| 17 |
> |
| 18 |
> +#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN |
| 19 |
> int SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, |
| 20 |
> pem_password_cb *); |
| 21 |
> +#else |
| 22 |
> + int _SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, |
| 23 |
> pem_password_cb *); |
| 24 |
> +#endif |
| 25 |
> |
| 26 |
> which points to the differences in functions are being exported by the |
| 27 |
> two. This makes me lean towards a USE flag which can also be tied to |
| 28 |
> applying patches rather than a virtual which is better suited for simple |
| 29 |
> drop in substitutions. |
| 30 |
> |
| 31 |
|
| 32 |
The problem I see now is that people will have a hard time to actually |
| 33 |
switch, because unlike gnutls we cannot have openssl and libressl be |
| 34 |
installed at the same time. |
| 35 |
|
| 36 |
For people to be able to switch we'd have to add libressl USE flags |
| 37 |
everywhere, even if we don't know if it builds. |
Archives