From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1NKUGv-0004pF-Ow for garchives@archives.gentoo.org; Tue, 15 Dec 2009 10:04:49 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 58DA6E0B3F for ; Tue, 15 Dec 2009 10:04:49 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 67D38E096A for ; Tue, 15 Dec 2009 08:47:20 +0000 (UTC) Received: from vapier.localnet (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id DCE6367C61 for ; Tue, 15 Dec 2009 08:47:19 +0000 (UTC) From: Mike Frysinger Organization: wh0rd.org To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] USE flag(s) for ssl (always USE ssl) Date: Tue, 15 Dec 2009 03:48:38 -0500 User-Agent: KMail/1.12.4 (Linux/2.6.31.4; KDE/4.3.4; x86_64; ; ) References: <1260864333.29419.59.camel@tablet> In-Reply-To: <1260864333.29419.59.camel@tablet> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2538047.5CBEQQlyN1"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200912150348.39287.vapier@gentoo.org> X-Archives-Salt: 4622ae86-dabb-4f18-a320-aadabc664e3a X-Archives-Hash: 6029c3bbf9a9de5809d81f1cc9b60265 --nextPart2538047.5CBEQQlyN1 Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On Tuesday 15 December 2009 03:05:33 Peter Volkov wrote: > Hi. How do we choose USE flags in case package supports different ssl > implementations? >=20 > Currently we do this differently: 1. some packages use ssl USE flag and > additional gnutls (or openssl) to select alternative ssl implementation, > 2. other packages already started to avoid ssl USE flag completely and > use only openssl/gnutls/nss. >=20 > The latter makes things harder for those who want ssl enabled packages > on the system and don't care about implementation. Also it is not > intuitive to have packages without ssl with ssl USE flag enabled system > wide. So I would like to ban latter solution and suggest the following: >=20 >=20 > If package has ssl support use ssl USE flag for that. In case there are > alternatives, use openssl/gnutls/nss for upstream _less_ recommended > implementation(s). USE=3Dssl should select *some* implementation. the finer grained=20 openssl/gnutls/nss can be used to select a specific implementation, but not= =20 respecting USE=3Dssl is broken. curl is an example of this. =2Dmike --nextPart2538047.5CBEQQlyN1 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (GNU/Linux) iQIcBAABAgAGBQJLJ01nAAoJEEFjO5/oN/WBMM0P/293udZYarmiAGzM2KkLRB3Z A52D7ilAC5hIElUfWEHpMu1Fno2UyK4yKaxFcO3ZCg9rZ+aYovu04s0Gtg5Ml1Ha lP7acatJIVQWI3EwykrTblrI96fe6dYysXBorL7uZBSvkGOTEYGuQritDw/xNrKG JzT7VROyPjY0ipZ7bp7mOpv36wzURogS7HuqrV2vi2ojk8mj5raxqATJZfSU8nGF ZAVD1PUbxVoT969ifF8QlZXv8Seslel70L32VYQrGUExJ3BlVOFcGXO/5d/onZkh 1vPFR0Uf9lEEQMCumVrowASHhJ4hH2YqKb14kQNRRooUrRbBR0zdvY9cp9v7Jq9b wixEOirKtNhc+A1cozvqXoyozZGJJTbNGUbsvwIuTCKPc2TtNjvgUjhpVMQ20onE GaApNuzW2ojQ2XBqAeEpXKq8egNF6EbLZRSg/h36rK8mkXMzW+FffSDxCdBpIHDm SfuXUlrLCf1gRbr9bIykA0EZKLWqGNx+kfJSa+ac68gMAUsnObB2WSGWIfFfGkRx RsA5n9a/z8sew20VKhoO7RG73KekZNpgcZSrMEmZAWRdeVfwg6ZpzAblXZnhRFZ+ +kKrdqi1T1r7rZnRkyiSPIYWN/1+fCBbWHIPfj532ZX4dP0Judhd/GSs6YgG2nmo gUbOzoW4mDszMEUMBDtB =rDvO -----END PGP SIGNATURE----- --nextPart2538047.5CBEQQlyN1--