Hi Peter,
On 2020/12/29 13:29, Peter Stuge wrote:
> Michał Górny wrote:
>>> I'm sure that there are numerous cases where libressl doesn't work,
>>> but that's no reason to dismiss cases where it *does*.
>> Are you asking people to put an effort into maintaining something that
>> can't be practically installed?
> No, I'm rather asking to change the level of commitment.
>
> I agree completely that it's unreasonable for Gentoo (worse, 1 person!)
> to continuosly patch the entire world for libressel.
>
> I'm asking to stop doing that, yet still enable the choice between
> openssl and libressl where that is possible without patches, even
> if that's only openntpd and one other package.
Are you willing to put in the work to allow installing openssl and
libressl concurrently on the same system?
And I raise this, because as others have insinuated, currently it's one
or the other, they can't co-exist, and there are a great many number of
packages that doesn't work with libressl. The only real solution then
to make libressl viable is to make it co-exist with openssl reliably.
Of course there are various strategies (or combination of), to mention
but a few:
1. Use a virtual/??? (but since the APIs aren't compatible despite the
libressl promise thereto ...)
2. Install them into different prefixes (eg /usr/lib/openssl +
/usr/lib/libressl and have the linker link to a specific version,
/usr/include/{openssl,libressl} too).
3. Make ssl USE flag another single-choice USE_EXPAND, posibly by way
of openssl.eclass.
My personal support currently goes towards at the very least masking
libressl, but removal unless someone is going to put in the effort
towards the above. Happy to help with patching on my own packages, but
without concurrent install of libre+openssl it's a massive workload to
test for me, so not happy with current state either.
+1 for removal given current state, but would be in willing and in
support of updating the packages I maintain to assist with libressl
support if the eco system can be improved.
Kind Regards,
Jaco
