New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net-libs/libsrtp: Bump to 1.5.4 and 2.0.0 #2689
Conversation
808f63d
to
25f109d
Compare
This'll necessitate changing some slots on packages. I'm not sure about anything else. |
# using test/rtpw.c guaratees the file exists in any case | ||
sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c || die | ||
|
||
default |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
call default
first thing in src_prepare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Alright.
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 -sparc ~x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos" | ||
IUSE="aesicm console debug doc libressl openssl static-libs syslog test" | ||
|
||
REQUIRED_USE="libressl? ( openssl )" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
don't need this
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 -sparc ~x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos" | ||
IUSE="aesicm console debug doc libressl openssl static-libs syslog test" | ||
|
||
REQUIRED_USE="libressl? ( openssl )" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
get rid of this. USE="libressl"
= "use libressl, if and only if, building with SSL support"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This ebuild depends on libcrypto -- which is provided by both OpenSSL and LibreSSL -- what would an alternative be?
I don't think we should restrict the benefits of using Open/LibreSSL crypto functions to only OpenSSL users.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if the ebuild unconditionally needs openssl, drop the openssl flag. I have yet to see an ebuild that requires REQUIRED_USE="libressl? ( openssl )"
, because the libressl
and openssl
USE flags are orthogonal to each other. USE="libressl"
does NOT imply "build with libressl unconditionally", rather it means, if you are building with SSL, then use libressl.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
media-video/ffmpeg has a similar problem to what I'm trying to avoid in this ebuild. It should actually have a REQUIRED_USE="libressl? ( openssl )", because if you don't enable both, the libressl USE flag does nothing.
This ebuild does not unconditionally depend on OpenSSL, it has an optional dependency on OpenSSL to accelerate their crypto functions.
Alternatively, I can modify the line $(use_enable openssl) to pass '--enable-openssl' to configure regardless of whether we are using OpenSSL or LibreSSL.
I think I'll do that.
# using test/rtpw.c guaratees the file exists in any case | ||
sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c || die | ||
|
||
default |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same thing here
Re openssl-kdf: |
@gentoochainsaw |
fd4352e
to
b4db83a
Compare
DEPEND=" | ||
openssl? ( dev-libs/openssl:0= ) | ||
libressl? ( dev-libs/libressl:0= ) | ||
" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay this still seems wrong.
@blueness do you have any advice?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lluixhi I will repeat it one last time. USE="libressl"
does NOT mean "use libressl". What USE="libressl"
means, is "use libressl, if and only if, building against an openssl backend". If you do not follow this line of reasoning, see the project page https://wiki.gentoo.org/wiki/Project:LibreSSL which just reiterates all of this. The correct solution is:
openssl? (
!libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl:0= )
)
i.e. USE="openssl libressl"
-> libressl, USE="openssl -libressl"
-> openssl, USE="-openssl"
-> no SSL. If you won't change it to this, I will close the PR for not being in line with the libressl project guidelines.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@SoapGentoo
That page only shows the
ssl? (
!libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl:0= )
)
construct
Anyway, my understanding from that page and what @hasufell said in the past was that if a user had USE="libressl ssl"
set globally, it should enable working libressl support on all packages that support an openssl-like backend without also including USE="openssl"
.
From the page:
"For most packages, migration is as simple as just replacing the openssl atom with a choice between openssl and libressl"
"Eventually the process should be as easy as just adding USE=libressl
to your make.conf
file and then doing an emerge -uvNDq world
"
It is unclear to me that USE="openssl libressl"
is necessary to use an openssl-like backend with libressl, but I'm changing it to what you have.
libressl? ( dev-libs/libressl:0= ) | ||
) | ||
" | ||
RDEPEND="${DEPEND}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
while this is formally correct, could you still swap RDEPEND
and DEPEND
? It's nicer reading deps with :=
in RDEPEND
, as subslot operators have no effect in DEPEND
.
Add LibreSSL Support Switch to EAPI 6 Cleanup of src_prepare Gentoo-Bug: 596398
As of 5842294 |
@lluixhi thanks for pointing out, that |
Add LibreSSL Support
Switch to EAPI 6
Cleanup of src_prepare
Gentoo-Bug: 596398
Question:
What should I do with openssl-kdf? It requires OpenSSL-1.1.0 and doesn't work with LibreSSL