Mail archive
alpine-devel

Re: [alpine-devel] TLS library provider for makedepends

From: Alba Pompeo <albapompeo_at_gmail.com>
Date: Thu, 8 Feb 2018 08:53:35 -0200

I heard good things about BearSSL.
https://bearssl.org/


On Tue, Feb 6, 2018 at 8:29 PM, Kiyoshi Aman <aphrael_at_alpinelinux.org> wrote:
> Hi,
>
> I think it's inappropriate for libressl to be considered a replacement for
> openssl. Whether it's secure or not, the project has not kept its API
> compatibility promises, therefore making it impossible to compile software
> that is necessary for webapps such as taiga. Consequently, I support
> returning to openssl as system default, and only keeping libressl around for
> software which actually requires it.
>
> On Tue, Nov 7, 2017 at 12:36 AM Timo Teras <timo.teras_at_iki.fi> wrote:
>>
>> On Mon, 6 Nov 2017 20:04:31 -0600
>> "A. Wilcox" <awilfox_at_adelielinux.org> wrote:
>>
>> > However, Adélie targets 32-bit x86, 32-bit MIPS, 32-bit PowerPC, and
>> > 32-bit ARM. Obviously this is therefore a quite significant issue for
>> > us. We do not want to have to soft-fork every package in the Alpine
>> > aports repository that depends on OpenSSL or LibreSSL to change the
>> > library provider. I am soliciting ideas on how to move forward.
>> >
>> > My own idea would be to make a libssl-dev virtual that is satisfied by
>> > libressl-dev on Alpine and openssl-dev on Adélie. We can use the new
>> > provides_priority to accomplish this, and then we only have to
>> > soft-fork the OpenSSL package.
>> >
>> > Other ideas (that do not include dropping 32-bit architectures from
>> > Adélie) are welcome. Let's discuss.
>>
>> This sounds like good idea to me. We don't need to even wait for
>> provides_priority stuff, just use versioned provides since the two
>> packages cannot co-exist.
>>
>> provides="libssl-dev=1" or similar for the package in aports that
>> should be used, and apk will automatically use it. And update all
>> makedepends for the new package name.
>>
>> As alternative, on Adelie, you could just do in openssl-dev
>> provides="libressl-dev=99999" and it would be preferred over openssl.
>>
>> But would be nice to get rid of the package specific name and migrate
>> to 'libssl-dev' or 'ssl-dev'.
>>
>> Other thoughts?
>>
>> Timo
>
> --
> -- Kiyoshi Aman


---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Thu Feb 08 2018 - 08:53:35 GMT