net-libs/libsrtp: Bump to 1.5.4 and 2.0.0 #2689
Conversation
lluixhi
force-pushed
the
master
branch
3 times, most recently
from
808f63d
to
25f109d
Compare
|
This'll necessitate changing some slots on packages. I'm not sure about anything else. |
| # using test/rtpw.c guaratees the file exists in any case | ||
| sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c || die | ||
|
|
||
| default |
There was a problem hiding this comment.
call default first thing in src_prepare
| KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 -sparc ~x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos" | ||
| IUSE="aesicm console debug doc libressl openssl static-libs syslog test" | ||
|
|
||
| REQUIRED_USE="libressl? ( openssl )" |
| KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 -sparc ~x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos" | ||
| IUSE="aesicm console debug doc libressl openssl static-libs syslog test" | ||
|
|
||
| REQUIRED_USE="libressl? ( openssl )" |
There was a problem hiding this comment.
get rid of this. USE="libressl" = "use libressl, if and only if, building with SSL support"
There was a problem hiding this comment.
This ebuild depends on libcrypto -- which is provided by both OpenSSL and LibreSSL -- what would an alternative be?
I don't think we should restrict the benefits of using Open/LibreSSL crypto functions to only OpenSSL users.
There was a problem hiding this comment.
if the ebuild unconditionally needs openssl, drop the openssl flag. I have yet to see an ebuild that requires REQUIRED_USE="libressl? ( openssl )", because the libressl and openssl USE flags are orthogonal to each other. USE="libressl" does NOT imply "build with libressl unconditionally", rather it means, if you are building with SSL, then use libressl.
There was a problem hiding this comment.
media-video/ffmpeg has a similar problem to what I'm trying to avoid in this ebuild. It should actually have a REQUIRED_USE="libressl? ( openssl )", because if you don't enable both, the libressl USE flag does nothing.
This ebuild does not unconditionally depend on OpenSSL, it has an optional dependency on OpenSSL to accelerate their crypto functions.
Alternatively, I can modify the line $(use_enable openssl) to pass '--enable-openssl' to configure regardless of whether we are using OpenSSL or LibreSSL.
I think I'll do that.
| # using test/rtpw.c guaratees the file exists in any case | ||
| sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c || die | ||
|
|
||
| default |
|
Re openssl-kdf: |
|
@gentoochainsaw |
gktrk
added
bugfix
assigned
lluixhi
force-pushed
the
master
branch
2 times, most recently
from
fd4352e
to
b4db83a
Compare
| DEPEND=" | ||
| openssl? ( dev-libs/openssl:0= ) | ||
| libressl? ( dev-libs/libressl:0= ) | ||
| " |
There was a problem hiding this comment.
Okay this still seems wrong.
@blueness do you have any advice?
There was a problem hiding this comment.
@lluixhi I will repeat it one last time. USE="libressl" does NOT mean "use libressl". What USE="libressl" means, is "use libressl, if and only if, building against an openssl backend". If you do not follow this line of reasoning, see the project page https://wiki.gentoo.org/wiki/Project:LibreSSL which just reiterates all of this. The correct solution is:
openssl? (
!libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl:0= )
)
i.e. USE="openssl libressl" -> libressl, USE="openssl -libressl" -> openssl, USE="-openssl" -> no SSL. If you won't change it to this, I will close the PR for not being in line with the libressl project guidelines.
There was a problem hiding this comment.
@SoapGentoo
That page only shows the
ssl? (
!libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl:0= )
)
construct
Anyway, my understanding from that page and what @hasufell said in the past was that if a user had USE="libressl ssl" set globally, it should enable working libressl support on all packages that support an openssl-like backend without also including USE="openssl".
From the page:
"For most packages, migration is as simple as just replacing the openssl atom with a choice between openssl and libressl"
"Eventually the process should be as easy as just adding USE=libressl to your make.conf file and then doing an emerge -uvNDq world"
It is unclear to me that USE="openssl libressl" is necessary to use an openssl-like backend with libressl, but I'm changing it to what you have.
| libressl? ( dev-libs/libressl:0= ) | ||
| ) | ||
| " | ||
| RDEPEND="${DEPEND}" |
There was a problem hiding this comment.
while this is formally correct, could you still swap RDEPEND and DEPEND? It's nicer reading deps with := in RDEPEND, as subslot operators have no effect in DEPEND.
Add LibreSSL Support Switch to EAPI 6 Cleanup of src_prepare Gentoo-Bug: 596398
|
As of 5842294 |
|
@lluixhi thanks for pointing out, that |
Add LibreSSL Support
Switch to EAPI 6
Cleanup of src_prepare
Gentoo-Bug: 596398
Question:
What should I do with openssl-kdf? It requires OpenSSL-1.1.0 and doesn't work with LibreSSL