1 |
Michał Górny wrote: |
2 |
> > net-misc/openntpd |
3 |
> |
4 |
> I've just tested it and it builds fine against dev-libs/libretls. |
5 |
|
6 |
I hope you're not planning to suggest that dev-libs/libretls should |
7 |
be the only libtls on Gentoo, since that would be an arbitrary and |
8 |
artificial limitation - the very opposite of choice. I'm strongly |
9 |
against that. |
10 |
|
11 |
|
12 |
Jaco Kroon wrote: |
13 |
> > I'm asking to stop doing that, yet still enable the choice between |
14 |
> > openssl and libressl where that is possible without patches, even |
15 |
> > if that's only openntpd and one other package. |
16 |
> |
17 |
> Are you willing to put in the work to allow installing openssl and |
18 |
> libressl concurrently on the same system? |
19 |
|
20 |
I'm willing to help. I know that it's one or the other. And I have |
21 |
experience with distributions making arbitrary decisions about libraries, |
22 |
and I think I have an idea about the challenges and possibilities. |
23 |
|
24 |
|
25 |
> The only real solution then to make libressl viable is to make it |
26 |
> co-exist with openssl reliably. |
27 |
|
28 |
Ack. |
29 |
|
30 |
|
31 |
> Of course there are various strategies (or combination of), to mention |
32 |
> but a few: |
33 |
> |
34 |
> 1. Use a virtual/??? (but since the APIs aren't compatible despite the |
35 |
> libressl promise thereto ...) |
36 |
> 2. Install them into different prefixes (eg /usr/lib/openssl + |
37 |
> /usr/lib/libressl and have the linker link to a specific version, |
38 |
> /usr/include/{openssl,libressl} too). |
39 |
> 3. Make ssl USE flag another single-choice USE_EXPAND, posibly by way |
40 |
> of openssl.eclass. |
41 |
|
42 |
These are all interesting and I think worth exploring! But also |
43 |
non-trivial, so maybe better saved for later? |
44 |
|
45 |
What do you think about my suggestion in a previous email to have the |
46 |
libressl ebuild install only libtls .so and .a files built from static |
47 |
libs/objects, so that there are no conflicting shared objects? |
48 |
|
49 |
I can certainly help accomplish that if there is interest. |
50 |
|
51 |
|
52 |
> would be in willing and in support of updating the packages I maintain |
53 |
> to assist with libressl support if the eco system can be improved. |
54 |
|
55 |
Cool! I really appreciate your openness. I'm asking essentially to |
56 |
keep options open, so that the ecosystem can be improved step by step. |
57 |
|
58 |
|
59 |
Thanks |
60 |
|
61 |
//Peter |