On Fri, 13 Oct 2017, Sebastian Andrzej Siewior wrote: > Hi, > > more or less a year ago Kurt Roeckx provided an initial port towards the > OpenSSL 1.1 API [0]. The patch has been left untouched [1] and it has > been complained about a missing compat layer of the new vs the old API > within the OpenSSL library [2]. > This is how I reconstructed the situation as of today and I am not > aware of any progress in regard to the newer library within the OpenSSH > project. Did I miss any significant development? > > In the `meantime', OpenSSL provides a kind of compat layer [3] which > (they suggested) should be included in the downstream projects [4]. The compatibility layer is unversioned, incomplete, barely documented and seems to be unmaintained. Because it isn't a library, they require it to be added to downstream projects directly. This isn't even close to a solution. In the absence of any progress, I'm considering adding some build sugar to simplify the process of building (and possibly fetching) LibreSSL as port of the OpenSSH build process. AFAIK Apple's OpenSSH distribution is already linked against LibreSSL (and of course, OpenBSD does too), so IMO it's had enough road-testing for general use. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
