Re: OpenSSL 3.0 for 14.0-RELEASE: issues with 1.x/3.x symbol clashing, ports linking against base OpenSSL, ports that don't compile/link against OpenSSL 3, etc
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 02 May 2023 07:39:32 UTC
Quoting Enji Cooper <yaneurabeya@gmail.com> (from Mon, 1 May 2023 18:55:09 -0700): > Hello, > One of the must-haves for 14.0-RELEASE is the > introduction of OpenSSL 3.0 into the base system. This is a must > because, in short, OpenSSL 1.1 is no longer supported as of > 09/26/2023 [1]. > > I am proposing OpenSSL be made private along with all dependent > libraries, for the following reasons: As doing that requires some changes to ports too, I'm repeating (a short gist of it) my opinion which I voiced in the other thread about OpenSSL: - any solution to ports needs to keep in mind, that we have 13.x (with OpenSSL 1.1.1) supported for a while, which means we will have conditionals in ports on the OpenSSL version and visibility of the basesystem libs anyway (people working in making those libs private need to touch ports, and with the focus on making them private we need to keep in mind that we have a supported stable branch where they are not private) - as such making those libs private in 14 is orthogonal to the issue at hand and could be worked on in parallel (as the topic here are making the libs private, I only want to make this fact explicit instead of having it implicit in between the lines of your text) - we will have hickups in the ports tree regarding this (sometimes on 13.x, sometimes in -current, sometimes in both) and personally I wouldn't mind if we declare the main branch of ports temporary as a work in progress of the OpenSSL migration and go ahead step by step there (mention in src-UPDATING and ports-UPDATING that we transition to OpenSSL 3 and the tree is "unstable" and people should switch to the quarterly branch until further notice if they want to be sure to get a buildable ports tree) Bye, Alexander. -- http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF