openssl vs. libressl

[René J.V. Bertin]

On Wednesday November 11 2015 06:27:29 Ryan Schmidt wrote:

>Providing choice is not a primary goal of MacPorts. Providing software that works is.
>It seems libressl is the default ssl library in OpenBSD since one year.

I think that's hardly long enough in an OS that's hardly a mainstream OS used by "joe users" to serve the primary goal of working software (which I read as "software that's guaranteed to work").

> Variants would be a mess, and also would lead to problems when users change

We must have different definitions of what a mess is ... I know it appears to be automagic, but I've been using this principle myself for a while now, and it works.

> the variant of one port without also changing the variants of a dependency
> or dependent.

The variant description could indicate very clearly that they're not supposed to be used by the user. It would also be easy enough to check if a variant was activated in the wrong context, and raise an error.

Anyway, I think and hope that the decision of making libressl the default is not for any single person to make. I'm not dead set against changing the default, just not in the near future, and preferably not until it's become more common mainstream Linux distributions that also use binary packages.
My suggestion with the automagically set default variants was made with the idea that it'd be a temporary solution to facilitate testing the use of libressl instead of openssl. The PortGroup however could probably be reused to provide some tools to facilitate the modifications required to support an openssl port installed in its own prefix. At the very least it'd be wise to use one to provide dependents with variable(s) for the actual install location.

R.