David Brownlee <abs%absd.org@localhost> writes: > On Thu, 30 Sept 2021 at 08:48, Jonathan Perkin <jperkin%joyent.com@localhost> wrote: >> >> * On 2021-09-30 at 01:03 BST, Greg Troxel wrote: >> >> > I don't see wip/openssl at 3.0.0, which is how most people would build >> > a not-yet-in-pkgsrc version, together with some variable to force >> > pkgsrc openssl after it's installed, and a note explaining that, so >> > they too can play the "catch up with API breaks" game. >> >> Until we move to a proper mk/ssl.buildlink3.mk there's little point >> having a wip/openssl as security/openssl is hardcoded in hundreds of >> places. > > Is it worth someone doing a pass to add mk/ssl.buildlink3.mk first? > > That would get a large rototill which _should_ not break any builds > out of the way first, then make it easier to test switching openssl > versions. This really bears on the question of whether openssl3 is optional or required. Right now netbsd 9 has 1.1.1 and that's likely to continue, and I don't think it's good to force those systems that to move to 3, especially since 3 has at this point been out less than a month. We also don't know that the schedule is for netbsd-current (heading to 10 someday of course) to move to openssl3. I'll ask. Beyond that, there's having both openssl1 and openssl3 in pkgsrc and letting one or the other be useed, which lets people avoid openssl3 pain, of which I'm sure there will be a bunch even if we think we've gotten it all. Depending on when pkgsrc is updated, this is more or less reasonable. Given that 3 is freshly out, moving to it this quarter seems very aggressive. > Related - is there any sense in planning to allow openssl3 to install > to a different location to openssl1 so they can both be installed on > the same system? (I understand that may open up more cans of worms > than it solves) I have no real appetite to go there. I guess it's an interesting question who if anyone does.
Attachment:
signature.asc
Description: PGP signature