From: "André Draszik" <git@andred.net>
To: Richard Purdie <richard.purdie@linuxfoundation.org>,
Alexander Kanavin <alex.kanavin@gmail.com>
Cc: OE-core <openembedded-core@lists.openembedded.org>
Subject: Re: [PATCH] libevent: enable OpenSSL unconditionally and update packaging
Date: Thu, 07 Nov 2019 15:41:25 +0000 [thread overview]
Message-ID: <9a596cbde910fd63d5fdb4344403bd2b63243fe0.camel@andred.net> (raw)
In-Reply-To: <d3db0ce8182373d0f4e76427de741e93d839a3d1.camel@linuxfoundation.org>
On Thu, 2019-11-07 at 14:08 +0000, Richard Purdie wrote:
> On Thu, 2019-11-07 at 14:01 +0000, André Draszik wrote:
> > On Thu, 2019-11-07 at 13:26 +0100, Alexander Kanavin wrote:
> > > I would rather keep the option to disable openssl, but simply
> > > switch it on by default
> >
> > Why complicate things, what's the use-case? If libevent_openssl.so is
> > not
> > used by anything, that library will not be pulled in, as it is a
> > separate package now.
>
> Build time dependencies and hence build speed?
>
> It sounds trivial but all these inter-dependencies do mount up so if we
> don't need it, keeping things minimal has advantages.
>
> If there is a security issue in openssl, its one more thing that would
> have to be regenerated if a CVE fix were added too...
What about helping make network connections more secure by enabling ssl
by default? Is yocto really advocating the use of unencrypted connections?
If build time is the argument, why is stack protection enabled by default
in the compiler?
Why do other packages have OpenSSL support enabled by default?
I could go on, but I don't care enough, v2 sent :-)
Cheers,
Andre'
next prev parent reply other threads:[~2019-11-07 15:41 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-07 9:40 [PATCH] libevent: enable OpenSSL unconditionally and update packaging André Draszik
2019-11-07 12:26 ` Alexander Kanavin
2019-11-07 14:01 ` André Draszik
2019-11-07 14:08 ` Richard Purdie
2019-11-07 15:41 ` André Draszik [this message]
2019-11-07 22:00 ` Richard Purdie
2019-11-07 15:36 ` [PATCH v2] libevent: update packaging (one package per shared library) André Draszik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9a596cbde910fd63d5fdb4344403bd2b63243fe0.camel@andred.net \
--to=git@andred.net \
--cc=alex.kanavin@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=richard.purdie@linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.