Re: Patch to add "chacha20" option to OpenSSL package

[Timshel Knoll-Miller <timshel%fluentdevelopment.com.au@localhost>]

No worries, I wasn't sure what the feeling would be on that. I had hoped you might be OK with it as a non-default build option, but understand where you're coming from and fully respect the decision.

And agree that an OpenSSL 1.1 package would be a great way to go! If no one else gets to it first and I manage to get a few free hours in the next couple of months, I might have a go at a wip version! :-P

Cheers,

Timshel

On Thu, 16 Feb 2017 at 08:53 <coypu%sdf.org@localhost> wrote:

On Wed, Feb 15, 2017 at 01:20:33AM +0000, Timshel Knoll-Miller wrote:
> [Please CC any replies to me - I'm not on this list]
>
> Hi to anyone responsible for the pkgsrc OpenSSL package,
>
> I've created a patch to the pkgsrc openssl package which I use locally to
> build openssl with support for the ChaCha20/Poly1305 cipher. This works by
> including a 3rd-party patch backported from OpenSSL 1.1, which was
> originally produced by CloudFlare.
>
> I'm attaching the patch in the hope that you may be willing to upstream it!
> Let me know if there is anything you'd like me to change or improve with
> the patch.
>

Hi, Timshel.

Normally that would be welcome with open arms, but openssl is
a security-sensitive package, and I imagine others would also
agree that we should avoid deviating from upstream code for that
reason.

We should provide OpenSSL 1.1, though! That'd also provide those
ciphers.

Sorry, and thanks for the effort.

--

Timshel Knoll-Miller Co-founder Fluent Development 15 Manna Lane, Cudgee VIC 3265 p: +61 (03) 5537 9122 m: 0434 864 908e: timshel%fluentdevelopment.com.au@localhost w: fluentdevelopment.com.au