libressl vs openssl
neumann at wu.ac.at
Wed Jan 10 10:02:46 UTC 2018
Am 09.01.18 um 18:24 schrieb Perry E. Metzger:
> On Mon, 8 Jan 2018 18:47:14 +0100 Jan Stary <hans at stare.cz> wrote:
>> Hi Jeremy,
>>> On Sat, Dec 02, 2017 at 06:03:17AM -0800, Jeremy Huddleston
>>> Sequoia wrote:
>>>> There are some things that I want to do to the port (and
>> It would be very nice if all ports currently depending on openssl
>> would build against libressl, and we could get rid of openssl
>> in favor of the way-superior libressl (until Apple replaces
>> it system wide. ha ha ha.)
> I'm not sure I agree with the claim that libressl is necessarily
i would as well be cautions with the term "superior", at least when the
are not clear.
In the past i have provided support for OpenSSL 1.0.* and 1.1.* and
LibreSSL 2.6.3 and 2.6.4 for non-trivial projects , and from my experience
this is not a simple drop-in replacement in general. One pain is that
changed some calls between 1.0 and 1.1, and another one is that
LibreSSL claims to be OpenSSL 2.* (via |OPENSSL_VERSION_NUMBER|)
which confuses source code that has to compare for version numbers
for the above reasons.
The process is doable (see e.g. HardenedBSD , OpenBSD 5.6), but
cooperation with upstream projects is probably required for some packages.
all the best
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the macports-dev