Changes between Initial Version and Version 1 of Ticket #54744, comment 5


Ignore:
Timestamp:
Jan 11, 2018, 5:33:17 PM (5 years ago)
Author:
RJVB (René Bertin)
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #54744, comment 5

    initial v1  
    1 I'd vote against deprecating openssl or anything that looks like it - I don't think we can get around it as long as it's the de-facto SSL provider on Linux (= the platform for which so many of the ports in MacPorts are written). It doesn't really matter how technically inferior it is; as long as it's good enough to do the job it's probably the more practical and thus the better solution. I'm not interested in having to jump through all kinds of hoops to get a theoretically better SSL implementation while most of the software I work with was conceived to use OpenSSL and the majority of "my" ports depend on (or are dependencies of) Qt5 which is incompatible with LibreSSL.
     1> I'd like to keep things simple, and simplest would be not to add another ssl library.
     2
     3I'd vote against deprecating openssl or anything that looks like it for that same reason - I don't think we can get around it as long as it's the de-facto SSL provider on Linux (= the platform for which so many of the ports in MacPorts are written). It doesn't really matter how technically inferior it is; as long as it's good enough to do the job it's probably the more practical and thus the better solution. I'm not interested in having to jump through all kinds of hoops to get a theoretically better SSL implementation while most of the software I work with was conceived to use OpenSSL and the majority of "my" ports depend on (or are dependencies of) Qt5 which is incompatible with LibreSSL.
    24
    35As expressed on another ticket, I'd vote for an approach with a build variant coupled with a mechanism to indicate incompatibility with either one of the alternative *SSL ports - probably via a PortGroup just because that's more practical to maintain than an implementation as a feature in "base". In fact I set out designing such an SSL PG a bit over 2y ago but gave up when I came to the conclusion that LibreSSL wasn't such a viable alternative to OpenSSL in practice.