* [gentoo-dev] Creating a USE_EXPAND for ssl providers
@ 2014-05-29 17:42 99% Anthony G. Basile
0 siblings, 0 replies; 1+ results
From: Anthony G. Basile @ 2014-05-29 17:42 UTC (permalink / raw
To: Gentoo Development
Hi everyone,
Back in Jun 2012 I added a CURL_SSL to the USE_EXPAND to represent the
different ssl providers for curl. This was to get away from the old ssl
USE flag logic which you still see in packages like
media-video/rtmpdump. Quoting from there so you don't have to go find it
yourself (and removing extraneous stuff) we have:
IUSE="gnutls polarssl ssl"
DEPEND="ssl? (
gnutls? ( net-libs/gnutls )
polarssl? ( !gnutls? ( >=net-libs/polarssl-0.14.0 ) )
!gnutls? ( !polarssl? ( dev-libs/openssl ) )
)"
pkg_setup() {
if ! use ssl && ( use gnutls || use polarssl ) ; then
ewarn "USE='gnutls polarssl' are ignored without USE='ssl'."
ewarn "Please review the local USE flags for this package."
fi
}
The idea is that if you say USE=ssl but nothing more, you default to
openssl. This is asymmetrical and doesn't scale well. So I made the
leap in curl to the following (modulo extra stuff):
IUSE="${IUSE} curl_ssl_axtls curl_ssl_cyassl curl_ssl_gnutls
curl_ssl_nss +curl_ssl_openssl curl_ssl_polarssl curl_ssl_winssl"
RDEPEND="
ssl? (
curl_ssl_axtls? ( net-libs/axtls app-misc/ca-certificates )
curl_ssl_cyassl? ( net-libs/cyassl app-misc/ca-certificates )
curl_ssl_gnutls? (
|| (
( >=net-libs/gnutls-3[static-libs?] dev-libs/nettle )
( =net-libs/gnutls-2.12*[nettle,static-libs?]
dev-libs/nettle )
( =net-libs/gnutls-2.12*[-nettle,static-libs?]
dev-libs/libgcrypt[static-libs?] )
)
app-misc/ca-certificates
)
curl_ssl_openssl? ( dev-libs/openssl[static-libs?] )
curl_ssl_nss? ( dev-libs/nss app-misc/ca-certificates )
curl_ssl_polarssl? ( net-libs/polarssl:= app-misc/ca-certificates )
)
REQUIRED_USE="
curl_ssl_winssl? ( elibc_Winnt )
ssl? (
^^ (
curl_ssl_axtls
curl_ssl_cyassl
curl_ssl_gnutls
curl_ssl_openssl
curl_ssl_nss
curl_ssl_polarssl
curl_ssl_winssl
)
)"
With the number of ssl providers growing, like libressl, and with issues
like bug #510974, I think its time we consider making this a uniform way
of dealing with ssl providers in gentoo. We would proceed something
like this:
1. Introduce a new USE_EXPAND called SSL which mirrors CURL_SSL ---
becuase CURL_SSL is too provincial a name.
2. migrate curl and all its dependencies to the SSL use expand.
3. Migrate over all consumers of ssl to the new SSL use expand system.
What do people think?
--
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail : blueness@gentoo.org
GnuPG FP : 1FED FAD9 D82C 52A5 3BAB DC79 9384 FA6E F52D 4BBA
GnuPG ID : F52D4BBA
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2014-05-29 17:42 99% [gentoo-dev] Creating a USE_EXPAND for ssl providers Anthony G. Basile
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox