"Paul B. Henson" <henson%acm.org@localhost> writes: > I see libressl is in wip with some recent discussion on the list. Is > there any idea yet when it might get moved to production? The latest > openntpd has an optional dependency on libtls (part of libressl). It > will work without it, but the new TLS constraint option won't be > available. In the long run, I'm thinking of making tls support an option > for the openntpd package which will pull in libressl if enabled. There's a whole can of worms there, and it may be better to discuss the big picture. As I see it, libressl is a replacement for openssl (can't install both) and is missing some things and has some new things. So it seems like a mk/ssl.mk is needed to have a preferred version, and then packages that need the non-preferred one can fail. That amounts to the same thing as what you said, but is more explicit about the bind that having incompatible things that own the same namespace. Alternatively, the libressl package could get installed in a subprefix, so we can have both. But I don't see figuring this out as a bar to import. > If libressl will likely get promoted relatively soon, I'll probably > just wait for it to show up, otherwise I might create an openntpd > package in wip to play with the libtls support. The freeze will be over shortly, and then it will be possible to import packages. Looking at what's in wip, I don't see any reason not to import it. So: if anybody thinks it shouldn't be imported over the week or so starting at thaw, please speak up.
Attachment:
pgpKrHKrkHQwM.pgp
Description: PGP signature