On Mon, Apr 14, 2014 at 11:56:43AM +0300, Samuli Seppänen wrote: > > > Hi, > > > > On 04/14/2014 10:28 AM, Gert Doering wrote: > >> On Mon, Apr 14, 2014 at 11:13:24AM +0300, Samuli Seppänen wrote: > >>> Currently all of the binary builds we provide[*] are linked to OpenSSL. > >>> Would having both OpenSSL and PolarSSL builds make sense (e.g. starting > >>> with 2.4)? > >> I think it would be a nice option. We could even start with 2.3.4 with > >> that, at least for windows... (if PolarSSL can be cross-compiled for > >> windows...) > > PolarSSL works just fine on Windows, OpenVPN-NL already ships for > > Windows, using PolarSSL. > > > > I would really like to release 'vanilla' polarssl-builds too. Make it > > easy for people to pick their favourite SSL library. > > > > However, what about PolarSSL itself? For Windows we just put it in the > > installer. But what about the other platforms? It's less commonly > > available in the distro's, and because of the (at least up to now) > > volatile API's, the rather not unlikely that users get version clashes. > > So, options: > > * Just supply openvpn builds, let users deal with polarssl versioning > > themselves > > * Provide PolarSSL packages too (do we already do that for other libs?) > > * Statically compile in PolarSSL (like OpenVPN-NL does) > > > > I think providing PolarSSL packages too is the neatest, but I'm not sure > > on the work involved in maintaining those. Samuli, any thoughts on this? > > > I don't think maintaining the PolarSSL packages would be as much work as > maintaining the OpenVPN packages. The OpenVPN packages need to keep > track of changes in the OS init systems, handle services restarts etc. > The PolarSSL packages would basically just copy some files to directory > and run a few commands. So I guess it would be quite easy to do. That > said, if we start maintaining PolarSSL debs, we might as well do it > upstream in the PolarSSL project instead of within the OpenVPN project. > We could of course publish the PolarSSL packages in our own apt repos to > make using them easier for our users.
There're already packages for PolarSSL in Debian (and thus, in Ubuntu). So I don't think there's need to maintain different ones. -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico mailto/sip: a...@inittab.org | en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
