Re: libelf now depends on openssl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2021-01-15 at 10:25 +0100, Florian Weimer wrote:
> * Zbigniew Jędrzejewski-Szmek:
> 
> > On Thu, Jan 14, 2021 at 08:24:03AM -0600, Michael Catanzaro wrote:
> > > On Thu, Jan 14, 2021 at 12:52 am, Kevin Kofler via devel
> > > <devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
> > > > Do the boringssl symbols not have hidden visibility in libwebrtc?
> > > > If they
> > > > do, why are they getting interposed anyway? If they don't, why
> > > > not? I assume
> > > > the library is private to libwebrtc and its symbols should not be
> > > > exported.
> > > 
> > > libwebrtc is a static lib, and so is boringssl. So all symbols,
> > > except unused symbols, will be directly included in libwebkit2gtk.
> > > In release builds, they would then be hidden by a linker script, but
> > > in developer builds everything is exported because API tests depend
> > > on internal symbols.
> > 
> > Would it be possible to get rid of boringssl? Having yet another
> > crypto library is ... bad.
> 
> Especially since it's not expected to be used outside of Google:
> 
> > BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
> > 
> > Although BoringSSL is an open source project, it is not intended for
> > general use, as OpenSSL is. We don't recommend that third parties
> > depend upon it.
> 
> <https://boringssl.googlesource.com/boringssl/>

Which is one of the reasons we do not admit boringssl in RHEL.

There is of course no problem to have it in Fedora, but if this is
something that is going to end up in RHEL one day, it would be better
to do the work now to make it use OpenSSL rather than scramble later.

HTH,
Simo.

> Thanks,
> Florian
> -- 
> Red Hat GmbH, https://de.redhat.com/ , Registered seat: Grasbrunn,
> Commercial register: Amtsgericht Muenchen, HRB 153243,
> Managing Directors: Charles Cachera, Brian Klemm, Laurie Krebs, Michael O'Neill
> _______________________________________________
> devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx

-- 
Simo Sorce
RHEL Crypto Team
Red Hat, Inc



_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux