From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id C635B13888F for ; Wed, 28 Oct 2015 11:32:17 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4C7E621C04C; Wed, 28 Oct 2015 11:32:13 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 3D85721C02F for ; Wed, 28 Oct 2015 11:32:12 +0000 (UTC) Received: from [172.20.10.2] (2.150.13.202.tmi.telenormobil.no [2.150.13.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: k_f) by smtp.gentoo.org (Postfix) with ESMTPSA id F2DC7340755 for ; Wed, 28 Oct 2015 11:32:08 +0000 (UTC) Subject: Re: [gentoo-dev] Re: ssl vs openssl vs libressl vs gnutls USE flag foo References: <56302DC3.4050909@gentoo.org> <20151028002341.7f08704e@caribou.gateway.pace.com> <5630AE93.2030303@gentoo.org> <5630B019.5070805@gentoo.org> To: gentoo-dev@lists.gentoo.org From: Kristian Fiskerstrand Message-ID: <5630B234.2050800@gentoo.org> Date: Wed, 28 Oct 2015 12:32:04 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 In-Reply-To: <5630B019.5070805@gentoo.org> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Archives-Salt: d8189345-d330-4422-93b3-71b785cb3e02 X-Archives-Hash: 7d7fde85ff262180139541940a11f1f3 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 10/28/2015 12:23 PM, Anthony G. Basile wrote: > On 10/28/15 7:16 AM, hasufell wrote: >> On 10/28/2015 07:23 AM, Ryan Hill wrote: >>> Agreed. If there's one choice then "ssl" should be used. >>> openssl/libressl/etc should really be considered sub-flags of >>> ssl. > > This is what I did with curl. USE=ssl means one and exactly one > ssl provider must be specified. I suggested making it a model > gentoo wide, but there were criticisms, I forget what, but the made > sense to me at teh time. Such a setup makes sense to me as well, although likely want it to be more generic and maybe use a prioritized list rather than a use expand per package / group of packages. Maybe something similar to python_compat can be used for the TLS / crypto provider - -- Kristian Fiskerstrand Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJWMLIvAAoJECULev7WN52Fdb8IALLlM/763gnsx3iEc7NIh7IL HWDfBwfY2vuDKWGGVlKIXn2CZfIrDhcqOZxtprFcrK073q+Gu6ZDqVd+og+EWTJw Erv7aq5Mi4poBPtcQT6P3CJG77RXCQPdzgPG6K8FaWyVPh+RkKFr7VsJ615visk6 UmRbwpehU51Vb/qTWl94J1z0SvIo3gusSzeK9FpkSFimrZQtsByWFtIijWYeToLH Mv4hl7BVwpHWctTwLDObuqkl+zWEITapJ3CIYz93jrfnyWZXi/DFvOyWcK3YOES2 vDcIDWGKt0SunZgka0VTJ+CTbfCcuvxb0sXUJfJNdy6P/p7aJyzZllPEZ2ciVVk= =iN64 -----END PGP SIGNATURE-----