Re: heimdal: remove openssl dependency

To: pkgsrc-users%NetBSD.org@localhost
Subject: Re: heimdal: remove openssl dependency
From: yancm%sdf.org@localhost
Date: Wed, 9 Oct 2019 15:06:10 -0000

> heimdal does not build against the openssl 1.1 API.
>
> It includes its own crypto (stripped down openssl code IIUC) called
> hcrypto.
>
> The attached patch switches heimdal to use that instead of an openssl
> package (which might be 1.1 e.g. on NetBSD-current).
>
> Comments?
>  Thomas

Stating the obvious?

Short term this may not be a problem, and is pragmatic.

But longer term, as openssl development focuses on 1.1+, having packages
roll (excerpt) their own crypto seems a step backward that could drive
multiple package updates to pull up changes just in the crypto library...
and be at mercy of each package to pull up bug fixes that have been
released for months in the base openssl, leaving packages potentially
vulnerable.

--gene

Follow-Ups:
- Re: heimdal: remove openssl dependency
  - From: Greg Troxel

References:
- heimdal: remove openssl dependency
  - From: Thomas Klausner

Prev by Date: Re: Pkgsrc vs Linux
Next by Date: Re: heimdal: remove openssl dependency
Previous by Thread: heimdal: remove openssl dependency
Next by Thread: Re: heimdal: remove openssl dependency
Indexes:

Home | Main Index | Thread Index | Old Index