From nobody Mon Oct 4 18:20:33 2021 X-Original-To: freebsd-ports@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 3D4B312AB089 for ; Mon, 4 Oct 2021 18:20:36 +0000 (UTC) (envelope-from mat@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HNTY01GCVz3w7S for ; Mon, 4 Oct 2021 18:20:36 +0000 (UTC) (envelope-from mat@freebsd.org) Received: from mail.j.mat.cc (owncloud.cube.mat.cc [IPv6:2a01:678:4:1::228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.mat.cc", Issuer "R3" (verified OK)) (Authenticated sender: mat/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id E7A732674F for ; Mon, 4 Oct 2021 18:20:35 +0000 (UTC) (envelope-from mat@freebsd.org) Received: from aching.in.mat.cc (unknown [IPv6:2a01:678:42:0:bdf4:2e83:8ff:e8ad]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: mat@mat.cc) by mail.j.mat.cc (Postfix) with ESMTPSA id B6734942D81 for ; Mon, 4 Oct 2021 18:20:34 +0000 (UTC) Date: Mon, 4 Oct 2021 20:20:33 +0200 From: Mathieu Arnold To: freebsd-ports@freebsd.org Subject: Re: State of LibreSSL in FreeBSD ports Message-ID: <20211004182033.7iaeak3z2dgwdbhw@aching.in.mat.cc> References: <20211003141654.bwlnlin6g3s2n5gt@nexus.home.palmen-it.de> List-Id: Porting software to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-ports List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports@freebsd.org X-BeenThere: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ylm3ubk7nj6fxpsc" Content-Disposition: inline In-Reply-To: <20211003141654.bwlnlin6g3s2n5gt@nexus.home.palmen-it.de> X-ThisMailContainsUnwantedMimeParts: N --ylm3ubk7nj6fxpsc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Oct 03, 2021 at 04:16:54PM +0200, Felix Palmen wrote: > Is LibreSSL in FreeBSD ports >=20 > * supported, so ports should build with it if at all possible? > * supported on a "best effort" base, so setting a port BROKEN is > acceptable if maintaining (working) patches would be too much hassle? > * NOT supported at all, so random build failures with LibreSSL are fine? I'd say the third option, the only *SSL variant that is guaranteed too work is using the base system OpenSSL, using anything else is bound to hurt and segfault at one point or the other. This is because your software will have linking with one library from the base system that brings OpenSSL, and some other library that links with ports OpenSSL or LibreSSL, and the software calls one function that is in both. At that point, it is a variant of the russian roulette, but with about a half and half chance of the function called being resolved to the wrong library. --=20 Mathieu Arnold --ylm3ubk7nj6fxpsc Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQKTBAABCgB9FiEEVhwchfRfuV0unqO5KesJApEdfgIFAmFbReFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDU2 MUMxQzg1RjQ1RkI5NUQyRTlFQTNCOTI5RUIwOTAyOTExRDdFMDIACgkQKesJApEd fgJ2KA/+OsSxe4EEWWhbpst/BzG3VlgYfFJw97WqzuvuhjkzxQ1YfIGq23DyHSWX yBqqJsJjf0K7f7w+LChVJcHNpNGuIuUZWcwiclprVV3d+p8MGHvGecXpHytbdbGg mqtmJLqhyiVMgJG/eCZ70OlWI07d9IwedVpjWAUB+kRyJMaA8t0LGD8HbRUSZhbr nV1oLSQasHC7zVYmz71c0AgVWppmqqYbTNHSeXoAPdModxbktKOQUoD5/RFM+Ei8 BwsV6VbHeKtm39iimXQq99OpW3scwsJbK8+pv8tdAHZ7AFTcOduq+9Un5HXNhM0j b+ul45p721rp/16nKz56DtMO/uZmqZB1TH/8JzNxOrY05Ew6ZXtHNAYzmIhjMuiX EBZUcYFah8GmgaAANZCUyjTkrXbtbBWVA5c8sFuLzHZqa8INxfdzNXaUMdQdyZhq zoVhh2ds3ZZUx1ko8WgMXbHGXnZp8zw2VAOrO0cZ7v9apsxp+qYxZsBI55QeNwnH 083rmN3FGPOHROxGryEwhckr5y9LuaGexQeE0/HQjMwTI2/JeqMRSkpb9DmCycpU +N86mq7o70K4PE7iG4nluiI/s+A7+mVuxQ8xrX4dBX0kaDWLjoWU54CLV/kuxYHO E8xJ/RpSewvEM4nYuF3cr1+L7UxZnCmTprzATSoxtugbEdTsXCg= =B0WT -----END PGP SIGNATURE----- --ylm3ubk7nj6fxpsc--