| 1 |
Michał Górny wrote: |
| 2 |
> > net-misc/openntpd |
| 3 |
> |
| 4 |
> I've just tested it and it builds fine against dev-libs/libretls. |
| 5 |
|
| 6 |
I hope you're not planning to suggest that dev-libs/libretls should |
| 7 |
be the only libtls on Gentoo, since that would be an arbitrary and |
| 8 |
artificial limitation - the very opposite of choice. I'm strongly |
| 9 |
against that. |
| 10 |
|
| 11 |
|
| 12 |
Jaco Kroon wrote: |
| 13 |
> > I'm asking to stop doing that, yet still enable the choice between |
| 14 |
> > openssl and libressl where that is possible without patches, even |
| 15 |
> > if that's only openntpd and one other package. |
| 16 |
> |
| 17 |
> Are you willing to put in the work to allow installing openssl and |
| 18 |
> libressl concurrently on the same system? |
| 19 |
|
| 20 |
I'm willing to help. I know that it's one or the other. And I have |
| 21 |
experience with distributions making arbitrary decisions about libraries, |
| 22 |
and I think I have an idea about the challenges and possibilities. |
| 23 |
|
| 24 |
|
| 25 |
> The only real solution then to make libressl viable is to make it |
| 26 |
> co-exist with openssl reliably. |
| 27 |
|
| 28 |
Ack. |
| 29 |
|
| 30 |
|
| 31 |
> Of course there are various strategies (or combination of), to mention |
| 32 |
> but a few: |
| 33 |
> |
| 34 |
> 1. Use a virtual/??? (but since the APIs aren't compatible despite the |
| 35 |
> libressl promise thereto ...) |
| 36 |
> 2. Install them into different prefixes (eg /usr/lib/openssl + |
| 37 |
> /usr/lib/libressl and have the linker link to a specific version, |
| 38 |
> /usr/include/{openssl,libressl} too). |
| 39 |
> 3. Make ssl USE flag another single-choice USE_EXPAND, posibly by way |
| 40 |
> of openssl.eclass. |
| 41 |
|
| 42 |
These are all interesting and I think worth exploring! But also |
| 43 |
non-trivial, so maybe better saved for later? |
| 44 |
|
| 45 |
What do you think about my suggestion in a previous email to have the |
| 46 |
libressl ebuild install only libtls .so and .a files built from static |
| 47 |
libs/objects, so that there are no conflicting shared objects? |
| 48 |
|
| 49 |
I can certainly help accomplish that if there is interest. |
| 50 |
|
| 51 |
|
| 52 |
> would be in willing and in support of updating the packages I maintain |
| 53 |
> to assist with libressl support if the eco system can be improved. |
| 54 |
|
| 55 |
Cool! I really appreciate your openness. I'm asking essentially to |
| 56 |
keep options open, so that the ecosystem can be improved step by step. |
| 57 |
|
| 58 |
|
| 59 |
Thanks |
| 60 |
|
| 61 |
//Peter |
Archives