Date: Sat, 9 Jul 2016 12:49:53 +0200 From: Guido Falsi <mad@madpilot.net> To: freebsd-ports@freebsd.org Subject: Re: base components should always be default (Re: change in default openssl coming) Message-ID: <6ceaba03-3e07-606d-3c93-f3f40c8ae38d@madpilot.net> In-Reply-To: <SN2PR20MB0845FAC67392F6D12166894F803D0@SN2PR20MB0845.namprd20.prod.outlook.com> References: <D13290234BD20864405FC0B2@atuin.in.mat.cc> <f146f327-67f8-2ecf-21a9-b348dbe614c2@aldan.algebra.com> <alpine.BSF.2.20.1607091032170.3737@laptop.wojtek.intra> <SN2PR20MB0845FAC67392F6D12166894F803D0@SN2PR20MB0845.namprd20.prod.outlook.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 07/09/16 12:19, Gerard Seibert wrote: > On Sat, 9 Jul 2016 10:32:35 +0200, Wojciech Puchar stated: > >> Why openssl is a part of base system at all? > > Interesting question. Perl was removed from the base system years ago > with no ill affects. > There's a kerberos implementation in base which requires OpenSSL. libfetch and fetch also require it to access the https sites I can imagine. svnlite also links to it. (needed for svn+https://) Most probably also other parts I'm not thinking about. Completely removing OpenSSL from base requires replacing it with some other SSL implementation, or removing a lot of other goodies which interface themselves with the external world from base. With this change it could be possible to make the base bundled OpenSSL (or equivalent) a private library never seen by ports (with the exception of pkg, which also needs it and cannot depend on another port), which is as near as you can get to removing it. Such a change would make it easier to update or change it, since it's not an exposed API/ABI anymore at that point and so not restricted from change. -- Guido Falsi <mad@madpilot.net>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6ceaba03-3e07-606d-3c93-f3f40c8ae38d>