openssl vs. libressl
Ryan Schmidt
ryandesign at macports.org
Mon Nov 9 13:05:26 PST 2015
On Nov 9, 2015, at 2:43 PM, Brandon Allbery wrote:
> On Mon, Nov 9, 2015 at 3:39 PM, René J.V. wrote:
>> I understand that libressl aims to be API-compatible with openssl so that it can act as a drop-in replacement. How far does that go, far enough that one can symlink the libssl and libcrypto runtimes from the one port to the shared libraries of the other, without having to rebuild dependents?
>
> My understanding is that the API (i.e. source) compatibility is mostly there but the A*B*I (binary) compatibility was a swing and a miss; assume you have to rebuild stuff.
In r139229 Jeremy made libressl a drop-in replacement for openssl. If a rebuild is needed to make things work, then this was the wrong solution, and openssl and libressl variants should have been added to all the ports touched by r139229. That would obviously be a pain so let's verify whether that is really needed.
What happens if you install a port like curl for example that depends on openssl, and then force-deactivate openssl and install libressl instead? Does curl still work for accessing secure sites or do you get an error?
More information about the macports-users
mailing list