On Tue, Dec 29, 2020 at 2:47 PM Peter Stuge <pe...@stuge.se> wrote: > > Andreas K. Huettel wrote: > > > I agree completely that it's unreasonable for Gentoo (worse, 1 person!) > > > to continuosly patch the entire world for libressel. > > > > > > I'm asking to stop doing that, yet still enable the choice between > > > openssl and libressl where that is possible without patches, even > > > if that's only openntpd and one other package. > > > > a) The two cannot be installed concurrently. To fix that would require even > > more hacks. > > As we've discussed in another part of the thread, that's not really true. > Both can for sure be installed, just not in the same place and/or > with same names. > > > > -> all relevant ssl consumers on the user's system must be linked against > > the one selected > > Also not the case. Considering the two installed in different paths > with same names it's still easy for consumers to use one or the other > with -rpath at link time. > > > I do agree that the two are not always 1:1 replacements for each other. > If they are API incompatible somewhere then for sure not. > > I think many mails in this thread suffer from some tunnel vision, expecting > that a libressl ebuild in the tree must continue to work exactly like the > openssl ebuild - I'm saying to stop that but do keep a libressl ebuild.
If they suffer from tunnel vision, it's because the intersection of "people who care about libressl" and "people who have patches in gentoo.git" is the empty set. I think we all understand your points: libressl could be kept in-tree and allow people to play with it. Unfortunately that requires much more work than removing it, and I haven't seen evidence that you're prepared to contribute to the required effort. I don't think you're going to convince a bunch of people with little interest in libressl per se to continue allowing the extra burden unless you do the work that's needed to keep it in-tree (e.g., to allow it to be installed beside openssl). They're not interested.
