On 23-03-21 11:49:19, A Tammy wrote:
> On 3/21/23 11:28, Stuart Henderson wrote:
> > On 2023/03/21 15:53, David Vasek wrote:
> >> On 2023-03-21 15:32, A Tammy wrote:
> >>> On 3/21/23 08:26, David Vasek wrote:
> >>>> Hello,
> >>>>
> >>>> more apps start using QUIC with GnuTLS. Port net/ngtcp2 can support
> > Any specific examples of software doing this?
I'm not sure I understand the actual end goal here - what functionality
does this provide that does not already exist?
> >>>> GnuTLS in a subpackage with no change in the main package. However,
> >>>> security/gnutls is needed for building the port with this diff and
> >>>> as a
> >>>> dependency for the new subpackage net/ngtcp2-gnutls. I have also
> >>>> changed
> >>>> the package description, but didn't touch the style of the
> >>>> Makefile yet.
> >>>> REVISON's of both subpackages set to he same value. Tested on amd64 so
> >>>> far.
> >>> A lot of packages will automatically pick this up. This needs to be
> >>> turned on with care.
> >> It shouldn't pick anything automatically. The main package ngtcp2 will
> >> remain
> >> the same as before *), while the new subpackage ngtcp2-gnutls still needs
> >> to be
> >> explicitly requested.
> > In a bulk build, ports are built in parallel and packages are installed
> > and uninstalled all the time.
> >
> > If another port will pick this up _if present at configure/build time_,
> > it must either be listed as a dependency or expicitly disabled (via
> > configure arguments, env vars, patches or whatever).
> >
> > (Additionally, I think that we will want to be sure that if *both*
> > crypto helpers are installed, the one using libressl as backend is
> > preferred where possible).
>
> Yes, e.g. I know that net/knot prefers the gnutls one over the openssl one.
>
> I prefer to use knot with openssl, but its just a preference, am open to
> moving to gnutls.
>
> iirc curl also has some tie ins with ngtcp2, tb@ and jsing@ (cc'd) would
> know more.
>
> >
> >> The only nuisance seems to be that there is additional dependency for
> >> building
> >> this port.
> >>
> >> *) With the exception of the time stamps, therefore I've set both
> >> REVISIONs to 1.
> > The PKGPATH changes, so additionally it needs "@pkgpath net/ngtcp2" in
> > PLIST-main otherwise updates will fail, also any ports depending on
> > it need a revision bump.
> >
> > +LIB_DEPENDS-gnutls= ${BASE_PKGPATH},-main security/gnutls
> > +CONFIGURE_ARGS+= --with-openssl --with-gnutls
> >
> > break the two entries in these out onto separate lines.
> >
