X-Original-To: alpine-devel@lists.alpinelinux.org Received: from mx1.tetrasec.net (mx1.tetrasec.net [74.117.190.25]) by lists.alpinelinux.org (Postfix) with ESMTP id 488CA5C585B for ; Tue, 23 Oct 2018 11:36:01 +0000 (GMT) Received: from mx1.tetrasec.net (mail.local [127.0.0.1]) by mx1.tetrasec.net (Postfix) with ESMTP id B72989E1D58; Tue, 23 Oct 2018 11:36:00 +0000 (GMT) Received: from ncopa-desktop.copa.dup.pw (67.63.200.37.customer.cdi.no [37.200.63.67]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: alpine@tanael.org) by mx1.tetrasec.net (Postfix) with ESMTPSA id C6F9B9E00F8; Tue, 23 Oct 2018 11:35:59 +0000 (GMT) Date: Tue, 23 Oct 2018 13:35:53 +0200 From: Natanael Copa To: William Pitcock Cc: Laurent Bercot , alpine-dev Subject: Re: [alpine-devel] Switching back to OpenSSL Message-ID: <20181023133553.28167249@ncopa-desktop.copa.dup.pw> In-Reply-To: References: <20181011171746.4c01f758@ncopa-desktop.copa.dup.pw> <20181012201258.6c048e41@ncopa-desktop.copa.dup.pw> X-Mailer: Claws Mail 3.17.1 (GTK+ 2.24.32; x86_64-alpine-linux-musl) X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Tue, 23 Oct 2018 00:07:55 -0500 William Pitcock wrote: > Hi, >=20 > On Sat, Oct 13, 2018 at 11:43 AM William Pitcock > wrote: > > > > Hi, > > > > On Fri, Oct 12, 2018 at 1:13 PM Natanael Copa w= rote: =20 > > > > > > On Fri, 12 Oct 2018 17:30:04 +0000 > > > "Laurent Bercot" wrote: > > > =20 > > > > >But, I can split out the LibreSSL libtls as a standalone package a= nd > > > > >adapt it to use with our OpenSSL packages. It is something we pla= n to > > > > >do in Ad=E9lie anyway, so it may as well be incubated upstream. =20 > > > > =20 > > > > >Would the above solution be sufficient to resolve your concerns? = =20 > > > > > > > > Yes, an alternative implementation of libtls works for me. > > > > Thanks! =20 > > > > > > We use libtls for our ssl_client for busybox wget, so yes, we need so= me > > > sort of libtls implementation. > > > > > > I think there are some port of it to OpenSSL out there, but I don't > > > know what the state is. =20 > > > > I created an aport which builds LibreSSL's libtls against some compat > > stubs and links against system openssl. This is, for obvious reasons, > > living in testing. > > Can people give it a go and tell me if it works? > > > > Some very light testing indicates success thus far, but... =20 >=20 > Has anyone tried using the libtls-standalone package in testing as of > yet? It would be nice to know if it is working for others. I haven't yet. I was thinking to get the openssl 1.1. package built first and maybe pushed to either main or testing. Once that is done I will test it with our ssl_client with busybox. -nc > William --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---