From: "Chí-Thanh Christopher Nguyễn" <chithanh@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Creating a USE_EXPAND for ssl providers
Date: Wed, 11 Jun 2014 16:22:01 +0200 [thread overview]
Message-ID: <53986609.1050907@gentoo.org> (raw)
In-Reply-To: <20140611154537.010bef0e@pomiot.lan>
Michał Górny schrieb:
> Dnia 2014-06-11, o godz. 15:30:26
> Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> napisał(a):
>
>>> 3. There is no clean way of enforcing SSL provider match between
>>> packages. Wasn't this thread initially about curl and rtmpdump
>>> requiring matching flags?
>> It could be enforced if an eclass does the actual choice of crypto
>> provider in a reproducible way. That would be not trivial though.
> No, it can't. Let's say package A depends on package B and requires
> the same SSL provider.
>
> A has 'openssl gnutls'
> B has 'openssl gnutls polarssl'
>
> Now let's say the eclass prefers polarssl over the other two. How are
> you going to make A dep on B?
>
It is not trivial, but I don't think it is impossible. I had thought of
the following, but have not carefully checked that it covers all cases.
crypto-providers.eclass would have a list CRYPTO_PROVIDERS_SUPPORTED
sorted descending by priority, and A and B would pass in a variable
CRYPTO_PROVIDERS the acceptable providers. The eclass would provide
functions which expand into USE dependencies to ensure that no
higher-prioritized crypto provider is selected in B.
Example:
crypto-providers.eclass:
CRYPTO_PROVIDERS_SUPPORTED="polarssl openssl gnutls libgcrypt libnettle ..."
crypto-providers_only() returns USE dependency on its arguments, and
negative USE dependencies for all providers with higher priority, e.g.
crypto-providers_only(gnutls) returns "-crypto_providers_polarssl(-)
-crypto_providers_openssl(-) crypto_providers_gnutls(-)"
crypto-providers_match(packagename) returns priority nested USE
conditionals for all CRYPTO_PROVIDERS that can be fed into DEPEND, e.g.
crypto_providers_match(B) would return "crypto-providers_openssl? (
B[$(crypto_providers-only(openssl)] )
!crypto-providers_openssl? ( crypto-providers_gnutls? (
B[$(crypto_providers-only(gnutls)] ) )"
A.ebuild
CRYPTO_PROVIDERS="openssl gnutls"
DEPEND="$(crypto-providers_match(B))"
B.ebuild
CRYPTO_PROVIDERS="openssl gnutls polarssl"
Best regards,
Chí-Thanh Christopher Nguyễn
prev parent reply other threads:[~2014-06-11 14:22 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-29 17:42 [gentoo-dev] Creating a USE_EXPAND for ssl providers Anthony G. Basile
2014-05-29 17:45 ` Peter Stuge
2014-05-30 2:20 ` [gentoo-dev] " Duncan
2014-05-30 3:21 ` Ian Stakenvicius
2014-05-30 6:44 ` Duncan
2014-05-30 12:03 ` Anthony G. Basile
2014-05-30 14:05 ` Ian Stakenvicius
2014-05-31 0:50 ` Peter Stuge
2014-05-31 1:08 ` hasufell
2014-06-01 10:46 ` Anthony G. Basile
2014-05-30 10:18 ` [gentoo-dev] " Jeroen Roovers
2014-06-11 11:12 ` Chí-Thanh Christopher Nguyễn
2014-06-11 11:32 ` Anthony G. Basile
2014-06-11 13:12 ` Michał Górny
2014-06-11 13:30 ` Chí-Thanh Christopher Nguyễn
2014-06-11 13:45 ` Michał Górny
2014-06-11 14:22 ` Chí-Thanh Christopher Nguyễn [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53986609.1050907@gentoo.org \
--to=chithanh@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox