Kurt Roeckx <k...@roeckx.be> writes: > On Sat, Jul 12, 2014 at 01:53:45PM +0200, Toni Mueller wrote:
>> my intention is to package this stuff so one can have both openssl and >> libressl installed in parallel. libressl currently has libraries with >> these sonames: >> libssl.so.26 >> libcrypto.so.29 > I don't really like it, since it could potentionally clash with > the ones provided by openssl. But it seems unlikely that openssl > will ever use that as soname. We've done this for years with Heimdal and MIT Kerberos, and it seems to be mostly okay. The one big caveat, though, is that this only works if nearly all of the archive is linked with one of the two, and the other is there pretty much just for users and not for anything else. For Kerberos libraries, that's MIT Kerberos. If you start using both for different packages, then you end up with shared libraries conflicting over which libssl they want to use, and then bad things start happening. So, in other words, it's fine to have it packaged with different SONAMEs and available for people to use, but switching the archive from one OpenSSL ABI implementation to another is something of an all-or-nothing affair. You can do a small amount of building key packages with the other implementation (like we do now with libpam-heimdal and libsasl2-modules-gssapi-heimdal), but that's both tricky and quite limited. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87sim6zefc....@windlord.stanford.edu
