Re: the path to openssl3

To: Tobias Nygren <tnn%NetBSD.org@localhost>
Subject: Re: the path to openssl3
From: Greg Troxel <gdt%lexort.com@localhost>
Date: Sun, 17 Sep 2023 09:28:35 -0400

Tobias Nygren <tnn%NetBSD.org@localhost> writes:

> I don't like this approach but unfortunately it is necessary. Right now
> we have the problem that some abandonware doesn't build with openssl 3.
> But a couple of years down the road we will have the opposite problem:
> Maintained software will ONLY work with openssl 3, important packages
> will start to break on NetBSD <10 and it will be necessary to blanket
> require openssl from pkgsrc on that subset of platforms to maintain
> some sort of sanity.

Agreed on what's coming.

> I would prefer however if security/openssl can just go to 3 and we
> re-import security/openssl11 with alternate libdir/incdir patches.
> Similar to how RHEL9 added a compat-openssl11 package to deal with
> this problem. The VERSIONS_ACCEPTABLE/VERSIONS_INCOMPATIBLE stuff can
> IMHO wait and we just point abandonware packages directly at
> openssl11's bl3.mk.

If we do this, then I think both openssl(3) and openssl1 need
builtin.mk, and therefore packages that just use openssl(3) will use
native on netbsd10 and pkgsrc on earlier (and presumably similar for
other systems after/before they switch).

There will perhaps be issues if something needs both because of two
libs, but the only sane path is to fix the package that doesn't build
with 3.

It seems like a big enough change that it warrants someone preparing the
change and testing a bulk on netbsd10 and netbsd9, at least.

References:
- the path to openssl3
  - From: Greg Troxel
- Re: the path to openssl3
  - From: Tobias Nygren

Prev by Date: Re: nawk-20230911 problem
Next by Date: daily pkgsrc CVS update output
Previous by Thread: Re: the path to openssl3
Next by Thread: Re: the path to openssl3
Indexes:

Home | Main Index | Thread Index | Old Index