410369 – net-misc/curl falsely uses ssl to select openssl as implementation, should be "openssl"

Bug 410369 - net-misc/curl falsely uses ssl to select openssl as implementation, should be "openssl"

Summary: net-misc/curl falsely uses ssl to select openssl as implementation, should be...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Anthony Basile

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2012-03-31 17:37 UTC by Justin Lecher (RETIRED)
Modified:	2012-04-04 22:44 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Justin Lecher (RETIRED) gentoo-dev

2012-03-31 17:37:00 UTC

USE=ssl should be used to enable the support of _any_ ssl implementation (gnutls, openssl, nss), whereas to select specifically openssl we should switch to USE=openssl instead.

Comment 1 Tomáš Chvátal (RETIRED) gentoo-dev

2012-03-31 17:39:17 UTC

Just see how it is done in the ~7.21.7-r2 as I did it there +- correctly.

The goal is that external packages can depend on ssl and they dont need to care about whatever implementation the user decide to rely upon.

Comment 2 Justin Lecher (RETIRED) gentoo-dev

2012-04-01 05:54:32 UTC

So how do we proceed? The Warning approach or the USE_EXPAND?

Comment 3 Tomáš Chvátal (RETIRED) gentoo-dev

2012-04-01 07:11:36 UTC

I would say do it again the same way as it was done in 7.21.7-r2.

Comment 4 Justin Lecher (RETIRED) gentoo-dev

2012-04-01 07:32:46 UTC

(In reply to comment #3)
> I would say do it again the same way as it was done in 7.21.7-r2.

From the simple DEP site this is right. BUt we were discussing about the USE blocking. Should we allow USE="gnutls nss"? This would lead to a situation where the user does not know what is really used.
Should we only warn, or make it completely transparent, by setting up up something like CURL_SSL_BACKEND USE_EXPAND?

Comment 5 Anthony Basile gentoo-dev

2012-04-01 11:09:43 UTC

(In reply to comment #4)
> (In reply to comment #3)
> > I would say do it again the same way as it was done in 7.21.7-r2.
> 
> From the simple DEP site this is right. BUt we were discussing about the USE
> blocking. Should we allow USE="gnutls nss"? This would lead to a situation
> where the user does not know what is really used.
> Should we only warn, or make it completely transparent, by setting up up
> something like CURL_SSL_BACKEND USE_EXPAND?

I am going to replicate what was in 7.21.7-r2 and add a warning if there is ambiguity regarding choice.  This will go out in 7.25 forward.

Aside: My preference would have been to add an openssl flag and do something like

ssl? ( gntuls? (...) nss? (...) openssl? (...) )

but I've been told that this has been discussed and shot down.

Comment 6 Anthony Basile gentoo-dev

2012-04-01 13:50:55 UTC

Okay commited in curl-7.25.0.

Comment 7 Anthony Basile gentoo-dev

2012-04-04 22:44:35 UTC

Okay, a more symmetric and flexible way of doing this is with USE_EXPAND.  This will be in 7.25.0-r1 which is currently being developed on my overlay:

http://git.overlays.gentoo.org/gitweb/?p=dev/blueness.git;a=blob;f=net-misc/curl/curl-7.25.0-r1.ebuild;h=d6985b91c2458c364300d04988b6980c3d949f11;hb=1e769551a873d63377b8b4399a101eeacebd7997

The USE_EXPAND flag is in the tree: profile/desc/curl_ssl.desc.  USE="ssl" will mean that you must enable one and exactly one of CURL_SSL="gnutls" or "nss" or "openssl".