1 |
Hi everyone, |
2 |
|
3 |
Back in Jun 2012 I added a CURL_SSL to the USE_EXPAND to represent the |
4 |
different ssl providers for curl. This was to get away from the old ssl |
5 |
USE flag logic which you still see in packages like |
6 |
media-video/rtmpdump. Quoting from there so you don't have to go find it |
7 |
yourself (and removing extraneous stuff) we have: |
8 |
|
9 |
IUSE="gnutls polarssl ssl" |
10 |
|
11 |
DEPEND="ssl? ( |
12 |
gnutls? ( net-libs/gnutls ) |
13 |
polarssl? ( !gnutls? ( >=net-libs/polarssl-0.14.0 ) ) |
14 |
!gnutls? ( !polarssl? ( dev-libs/openssl ) ) |
15 |
)" |
16 |
|
17 |
pkg_setup() { |
18 |
if ! use ssl && ( use gnutls || use polarssl ) ; then |
19 |
ewarn "USE='gnutls polarssl' are ignored without USE='ssl'." |
20 |
ewarn "Please review the local USE flags for this package." |
21 |
fi |
22 |
} |
23 |
|
24 |
|
25 |
The idea is that if you say USE=ssl but nothing more, you default to |
26 |
openssl. This is asymmetrical and doesn't scale well. So I made the |
27 |
leap in curl to the following (modulo extra stuff): |
28 |
|
29 |
IUSE="${IUSE} curl_ssl_axtls curl_ssl_cyassl curl_ssl_gnutls |
30 |
curl_ssl_nss +curl_ssl_openssl curl_ssl_polarssl curl_ssl_winssl" |
31 |
|
32 |
RDEPEND=" |
33 |
ssl? ( |
34 |
curl_ssl_axtls? ( net-libs/axtls app-misc/ca-certificates ) |
35 |
curl_ssl_cyassl? ( net-libs/cyassl app-misc/ca-certificates ) |
36 |
curl_ssl_gnutls? ( |
37 |
|| ( |
38 |
( >=net-libs/gnutls-3[static-libs?] dev-libs/nettle ) |
39 |
( =net-libs/gnutls-2.12*[nettle,static-libs?] |
40 |
dev-libs/nettle ) |
41 |
( =net-libs/gnutls-2.12*[-nettle,static-libs?] |
42 |
dev-libs/libgcrypt[static-libs?] ) |
43 |
) |
44 |
app-misc/ca-certificates |
45 |
) |
46 |
curl_ssl_openssl? ( dev-libs/openssl[static-libs?] ) |
47 |
curl_ssl_nss? ( dev-libs/nss app-misc/ca-certificates ) |
48 |
curl_ssl_polarssl? ( net-libs/polarssl:= app-misc/ca-certificates ) |
49 |
) |
50 |
|
51 |
REQUIRED_USE=" |
52 |
curl_ssl_winssl? ( elibc_Winnt ) |
53 |
ssl? ( |
54 |
^^ ( |
55 |
curl_ssl_axtls |
56 |
curl_ssl_cyassl |
57 |
curl_ssl_gnutls |
58 |
curl_ssl_openssl |
59 |
curl_ssl_nss |
60 |
curl_ssl_polarssl |
61 |
curl_ssl_winssl |
62 |
) |
63 |
)" |
64 |
|
65 |
|
66 |
With the number of ssl providers growing, like libressl, and with issues |
67 |
like bug #510974, I think its time we consider making this a uniform way |
68 |
of dealing with ssl providers in gentoo. We would proceed something |
69 |
like this: |
70 |
|
71 |
1. Introduce a new USE_EXPAND called SSL which mirrors CURL_SSL --- |
72 |
becuase CURL_SSL is too provincial a name. |
73 |
|
74 |
2. migrate curl and all its dependencies to the SSL use expand. |
75 |
|
76 |
3. Migrate over all consumers of ssl to the new SSL use expand system. |
77 |
|
78 |
What do people think? |
79 |
|
80 |
-- |
81 |
Anthony G. Basile, Ph.D. |
82 |
Gentoo Linux Developer [Hardened] |
83 |
E-Mail : blueness@g.o |
84 |
GnuPG FP : 1FED FAD9 D82C 52A5 3BAB DC79 9384 FA6E F52D 4BBA |
85 |
GnuPG ID : F52D4BBA |