Dirkjan Ochtman: > On Sat, Jul 12, 2014 at 2:37 PM, hasufell <hasuf...@gentoo.org> wrote: >> So libressl is meant as a drop-in replacement for openssl. > > Some caveats have already been discovered: > > http://devsonacid.wordpress.com/2014/07/12/how-compatible-is-libressl/ > > Cheers, > > Dirkjan >
The Werror thing is fixed in the ebuild. The next release is now signed and should enter the tree in the near future, along with the virtual ebuilds. So for people who want to help, I'd propose the following procedure: 1) Testing: https://github.com/gentoo/libressl (should already work with 'layman -a libressl') It contains dummy openssl ebuilds so the virtuals are not yet needed. It also contains a portable version of the signify tool (to verify the libressl tarballs), patched wget and patched openssh with patch from Hanno. I'd suggest to focus testing there, so we don't duplicate work. 2) depending on how big the fallout is we have to decide whether to add libressl to ~arch or masked later and even have to decide whether adding a virtual/openssl right now makes any sense. We'll shoot ourselves in the foot if we add the virtual now and realize later that it doesn't work out. 3) Depending on 2) add virtual/openssl and dev-libs/libressl to the tree and start converting the tree (~arch ebuilds with simple openssl atoms can probably be fixed with a script, see https://bugs.gentoo.org/show_bug.cgi?id=508750#c23). Stable arch ebuilds should probably be fixed by their respective maintainers. We should send out a dev-announce too then.
