Re: Status of OpenSSL 1.1 support

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Mon, 16 Oct 2017, Colin Watson wrote:

> If my only other option is to use LibreSSL, then that will mean
> packaging LibreSSL separately, and https://bugs.debian.org/754513 seems
> to have petered out a couple of years ago, not to mention being a pile
> of work I really don't have time for as well as requiring overcoming
> non-trivial objections.  I realise that this is not the OpenSSH team's
> problem as such, and that as a LibreSSL developer you may well not be
> super-sympathetic to this argument; but nevertheless, I don't think this
> is a viable option right now for us as a distributor.

I'm sorry to have put you in this situation, but we have an upstream who
is LibreSSL exclusively, a need to support LibreSSL and BoringSSL in the
portable version and limited time and resources of our own.

Even adopting the use of shims that give us the OpenSSL 1.1.x API means
considerable additional work for us, because OpenBSD doesn't use that
API. I'm willing to do it, but not if I'm going to be fighting the shims
themselves along the way.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux