On Mon, 16 Oct 2017, Colin Watson wrote: > If my only other option is to use LibreSSL, then that will mean > packaging LibreSSL separately, and https://bugs.debian.org/754513 seems > to have petered out a couple of years ago, not to mention being a pile > of work I really don't have time for as well as requiring overcoming > non-trivial objections. I realise that this is not the OpenSSH team's > problem as such, and that as a LibreSSL developer you may well not be > super-sympathetic to this argument; but nevertheless, I don't think this > is a viable option right now for us as a distributor. I'm sorry to have put you in this situation, but we have an upstream who is LibreSSL exclusively, a need to support LibreSSL and BoringSSL in the portable version and limited time and resources of our own. Even adopting the use of shims that give us the OpenSSL 1.1.x API means considerable additional work for us, because OpenBSD doesn't use that API. I'm willing to do it, but not if I'm going to be fighting the shims themselves along the way. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
