Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 9 Aug 2016 14:18:24 +0000 (UTC)
From:      Christian Weisgerber <naddy@mips.inka.de>
To:        freebsd-ports@freebsd.org
Subject:   Re: openntpd-5.7p4_2,2 depends on libressl-2.2.6 ?!
Message-ID:  <slrnnqjphg.t8q.naddy@lorvorc.mips.inka.de>
References:  <2E32FD64-2BF6-46CE-BAD2-39AF82E29E33@ellael.org> <56E1BA30.7090306@utanet.at> <010201d1ec8d$b1e53ef0$15afbcd0$@m.jwh.me.uk>

next in thread | previous in thread | raw e-mail | index | archive | help
On 2016-08-02, "Joe Holden" <mail@m.jwh.me.uk> wrote:

> That is not a fix since it breaks at least nginx in the official repo,
> because nginx depends on openssl and openntpd depends on libre.
>
> Either the entire tree should move to a library supported by everything, or
> the openntpd port gets split into meta packages so that we don't need to
> return to a stage where everyone is building ports.
>
> Was this not even considered or tested?

I put the blame on the people who thought it a good idea to have
FIVE only partially compatible SSL libraries in the tree: OpenSSL
in base, openssl, openssl-devel, libressl, libressl-devel.

Bernard Spil (brnrd) has worked hard on moving the entire tree to
LibreSSL, but the political will is missing.

Like other software coming out of OpenBSD, OpenNTPD now requires
libtls for its https functionality.  That's a new library with a
new API that doesn't exist in OpenSSL.  The constraints check is a
standard feature of OpenNTPD.  If you run OpenNTPD, you expect it
to be available.  I have no intention of disabling this by default
and it requires libtls.

> (Cc naddy)

Sorry, I somehow didn't get this.

-- 
Christian "naddy" Weisgerber                          naddy@mips.inka.de



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?slrnnqjphg.t8q.naddy>