Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WIP: relax port:openssl to path:lib/libssl.dylib:openssl #1216

Closed
wants to merge 1 commit into from
Closed

WIP: relax port:openssl to path:lib/libssl.dylib:openssl #1216

wants to merge 1 commit into from

Conversation

janstary
Copy link
Contributor

These are exactly the ports that specify port:openssl
as opposed to path:lib/libssl.dylib:openssl,
which all the other ssl-dependent ports do.

This is work in progress.
Please test whether this breaks your port.

  1. uninstall openssl and everything that depends on it
  2. install libressl instead, providing libssl.dylib
  3. rebuild you port with port -vs install
  4. see how it works or breaks; please report here.

I'm testing on MacOS 10.13.2. with Xcode 9.2

@janstary
relax port:openssl to path:lib/libssl.dylib:openssl
6a5cd21 
These are exactly the ports that specify port:openssl
as opposed to path:lib/libssl.dylib:openssl,
which all the other ssl-dependent ports do.
@macportsbot
Copy link

macportsbot commented Jan 10, 2018
edited by kencu

Notifying maintainers:
@stromnov for port phantomjs.
@MarcusCalhoun-Lopez for port qt5, qt55, qt56, qt57, qt58, qt59.
@seanfarley for port fbthrift, folly.
@mkae for port qca.
@RJVB for port qca.
@RoddieKieley for port qpid-proton.

@RJVB
Copy link
Contributor

RJVB commented Jan 10, 2018

Last time I tried to use libressl instead of openssl it didn't take long before I fled back to openssl (and abandoned my project to write an SSL PortGroup supposed to help choosing and possibly switching between SSL providers).

It's hardly feasible to switch, in practice because of ABI incompatibilities. That also means that testing a build with both SSL providers is a big and disruptive investment. As far as I'm concerned the burden to show libressl is a viable alternative dependency is therefore on those who'd like to see support for it, esp. for Qt5 ports and dependents because of https://trac.macports.org/ticket/51358#comment:6 (a quick search on "Qt5 and libressl" returned the trac ticket as the 2nd hit). See also https://github.com/voidlinux/void-packages/issues/5998 in case you want to venture into patching Qt.

I have however nothing against making port:qca-qt5 use the path-style depspec, provided someone can show it works when Qt itself is built to use the native Secure Transport framework.

@pmetzger
Copy link
Member

I agree with @RJVB

@cjones051073
Copy link
Member

As discussed on the mailing list, it was probably a mistake to use the "path:lib/ssl.dylib:openssl" syntax in the first place to deal with this, as libressl is not, and will not be, a direct drop in replacement for openssl.

I agree with this, to that end would vote for not merging this. Yes, the mistake has been made but we should not compound it further.

Instead, we should take the approach as discussed in

https://trac.macports.org/ticket/54744

@RoddieKieley
Copy link
Contributor

I agree with @cjones051073 and taking the approach outlined in the comments of 54744; i.e.

  • no deprecation of OpenSSL
  • build variants for the *SSL ports

As far as I'm aware no other *SSL libraries have been utilized or tested with Qpid Proton thus far so I'd be hesitant to make it the default at this point in time.

@janstary janstary closed this Feb 22, 2018
@janstary janstary deleted the ssldep branch April 2, 2018 16:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
maintainer: requires approval
Milestone
No milestone
6 participants
@janstary @macportsbot @RJVB @pmetzger @cjones051073 @RoddieKieley