From nobody Tue May 02 07:39:32 2023 X-Original-To: freebsd-arch@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Q9X6n0P9Sz48dhb for ; Tue, 2 May 2023 07:40:17 +0000 (UTC) (envelope-from Alexander@leidinger.net) Received: from mailgate.Leidinger.net (mailgate.leidinger.net [IPv6:2a00:1828:2000:313::1:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (P-256)) (Client CN "mailgate.leidinger.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Q9X6m5rGPz4b3Z for ; Tue, 2 May 2023 07:40:16 +0000 (UTC) (envelope-from Alexander@leidinger.net) Authentication-Results: mx1.freebsd.org; none Date: Tue, 02 May 2023 09:39:32 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=leidinger.net; s=outgoing-alex; t=1683013211; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to; bh=yZIsk9R+ZFtf2XS/uJz8XzibpTJ3zz4OTY2KJIDT/P4=; b=CnUkZh9FH0EEq1dSqtgm8q2+eivx+82ZAdZsEGgaQ63PW+5NrpIUoCWdrdysdKD6y2RFGb JOr/pDZgve+1iQt15ijqLafSqoqDMZrm4xmaahhDUY0GDceIgEow8T16SjJ4pF1tlbV0aK dIWBJLFXXCZCxaChDr19BsKT39ZJuBD8xouV8lhUkkNm6XxJwGhvrYkdxSUGAGX8S1F8oZ Ezi/khDRmuCPqDeezwBvPLNT2Qpkg7t3dxWUiay7SuWIe3XPj3mEgG+mhJ6CHtP9/Pj8mF Pl1gpgJ+iR7IZOLw43/Xyvedl9HJ7gQi321xzAB5Pi2KvwNFr5x4O82J9WUkRg== Message-ID: <20230502093932.Horde.uHWwvXLE_HzfiMtFPj7-DHc@webmail.leidinger.net> From: Alexander Leidinger To: Enji Cooper Cc: FreeBSD-arch list , bofh@freebsd.org, brnrd@freebsd.org, Cy Schubert , Ed Maste , vishwin@freebsd.org Subject: Re: OpenSSL 3.0 for 14.0-RELEASE: issues with 1.x/3.x symbol clashing, ports linking against base OpenSSL, ports that don't compile/link against OpenSSL 3, etc In-Reply-To: Accept-Language: de,en Content-Type: multipart/signed; boundary="=_JAofPRg7LCogb4zADovpHuB"; protocol="application/pgp-signature"; micalg=pgp-sha256 List-Id: Discussion related to FreeBSD architecture List-Archive: https://lists.freebsd.org/archives/freebsd-arch List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-arch@freebsd.org MIME-Version: 1.0 X-Rspamd-Queue-Id: 4Q9X6m5rGPz4b3Z X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:34240, ipnet:2a00:1828::/32, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N This message is in MIME format and has been PGP signed. --=_JAofPRg7LCogb4zADovpHuB Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Quoting Enji Cooper (from Mon, 1 May 2023=20=20 18:55:09=20-0700): > Hello, > One of the must-haves for 14.0-RELEASE is the=20=20 >=20introduction of OpenSSL 3.0 into the base system. This is a must=20=20 >=20because, in short, OpenSSL 1.1 is no longer supported as of=20=20 >=2009/26/2023 [1]. > =C2=A0 > I am proposing OpenSSL be made private along with all dependent=20= =20 >=20libraries, for the following reasons: As doing that requires some changes to ports too, I'm repeating (a=20=20 short=20gist of it) my opinion which I voiced in the other thread about=20= =20 OpenSSL: =20 - any solution to ports needs to keep in mind, that we have 13.x=20=20 (with=20OpenSSL 1.1.1) supported for a while, which means we will have=20= =20 conditionals=20in ports on the OpenSSL version and visibility of the=20=20 basesystem=20libs anyway (people working in making those libs private=20=20 need=20to touch ports, and with the focus on making them private we need=20= =20 to=20keep in mind that we have a supported stable branch where they are=20= =20 not=20private) - as such making those libs private in 14 is orthogonal to the issue=20= =20 at=20hand and could be worked on in parallel (as the topic here are=20=20 making=20the libs private, I only want to make this fact explicit=20=20 instead=20of having it implicit in between the lines of your text) - we will have hickups in the ports tree regarding this (sometimes=20=20 on=2013.x, sometimes in -current, sometimes in both) and personally I=20=20 wouldn't=20mind if we declare the main branch of ports temporary as a=20=20 work=20in progress of the OpenSSL migration and go ahead step by step=20=20 there=20(mention in src-UPDATING and ports-UPDATING that we transition=20= =20 to=20OpenSSL 3 and the tree is "unstable" and people should switch to=20=20 the=20quarterly branch until further notice if they want to be sure to=20= =20 get=20a buildable ports tree) Bye, Alexander. --=20 http://www.Leidinger.net=20Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF --=_JAofPRg7LCogb4zADovpHuB Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIzBAABCAAdFiEER9UlYXp1PSd08nWXEg2wmwP42IYFAmRQvjMACgkQEg2wmwP4 2Ia1GQ/9GVAyBUjNaF6B1xezkamuBJHN3DOU4EKplIf/rVEF9+GLtkwwhAtwaIUs y6kq7Zlb+NKHIPAzc4lYMJ0vYp9Tlfsvt7sW5R61ny5v94bUlc4yBoewWZ7Zmxql G2q/kueyHNpDty1Nl2dLSkaVOZtREfKvqe3nIOHViZ2P2kIddRC4Ruct9QGZpn1T OVjNYbuaS2wV4/5LTHSxNkXLzhbeqzxe+wGxPlPF8I5PyXdS2Bj8l4ugMxuwacO6 bMcMGWYN+qfAuU9c/xtlDxClkvDdDPa571yI0mMwAqcO1qW8W21yVuAW1LSMNz0g 0HP3+sKieE3/LwIYOZdrP+x1b16+1A9RAjtulnfa26kzDx6CFhISabl20ay5oIK4 7TByVIIPWohUlcPeYZInFC7mqlgFChRb42Eil9DmWmMKQYK8E1k/kmLT6eZrmy7s zsW0OlDVYRXJFOFBbqwFaai0l4hZKjVeabe4MTES/kqU8CSBJkPM0mBwk45ms4SH sbY00ONhfnYc6VF1YaXy84IRfyJ7/NfICO5nrjMxTaKU+Q3/E98P8FTOz7Bc2Hau D+bcSUw1VEdNGa8OSeFyrwaRD0gh8UaCxj9q/VlD8P9drcTWaRQEmPps645nGLwt skNZh9wm+c7yPi7eA0NJ3Gal4ttXxsiwBQpvMCGqZ9e3ozqMo/0= =SPLR -----END PGP SIGNATURE----- --=_JAofPRg7LCogb4zADovpHuB--