proposal: switch back to LibreSSL #93
Comments
Does the code need changes in other areas too? Or are you just implying that you haven't tested it outside of compiling browsers Also instead of carrying around a large and potentially error prone patch we could make nodejs use bundled openssl which shouldn't matter cuz nodejs is removed after building a browser, while anyone who needs it for webscaling can have a fully functional node. |
|
We could attempt to drop nodejs altogether: NetBSD/pkgsrc@febaa03 |
|
Don't think there's any such option for chromium |
|
We don't care about chromium since it is packaged in community, not in this repo. |
|
more info about no-nodejs build: https://lists.debian.org/debian-riscv/2020/01/msg00000.html pre-generated js files: |
LibreSSL seems to align slightly better with the goals of this distribution, having a simpler build system and smaller API than OpenSSL.
The switch to OpenSSL was spurred by Python 3.10 dropping LibreSSL support -- the SSL code has been pretty stable as the patches that reimplement LibreSSL support have had minimal changes since 3.10.0.
Rust supports LibreSSL, but it generally lags behind the latest LibreSSL, so a small patch is required.
Node.js doesn't support LibreSSL, but I threw together a patch that seems to work well (at least for our use case of compiling browsers), and the crypto code is pretty stable.
The text was updated successfully, but these errors were encountered: