[OE-core] [PATCH] libevent: enable OpenSSL unconditionally and update packaging
André Draszik
git at andred.net
Thu Nov 7 15:41:25 UTC 2019
On Thu, 2019-11-07 at 14:08 +0000, Richard Purdie wrote:
> On Thu, 2019-11-07 at 14:01 +0000, André Draszik wrote:
> > On Thu, 2019-11-07 at 13:26 +0100, Alexander Kanavin wrote:
> > > I would rather keep the option to disable openssl, but simply
> > > switch it on by default
> >
> > Why complicate things, what's the use-case? If libevent_openssl.so is
> > not
> > used by anything, that library will not be pulled in, as it is a
> > separate package now.
>
> Build time dependencies and hence build speed?
>
> It sounds trivial but all these inter-dependencies do mount up so if we
> don't need it, keeping things minimal has advantages.
>
> If there is a security issue in openssl, its one more thing that would
> have to be regenerated if a CVE fix were added too...
What about helping make network connections more secure by enabling ssl
by default? Is yocto really advocating the use of unencrypted connections?
If build time is the argument, why is stack protection enabled by default
in the compiler?
Why do other packages have OpenSSL support enabled by default?
I could go on, but I don't care enough, v2 sent :-)
Cheers,
Andre'
More information about the Openembedded-core
mailing list