Comment 1 SpanKY 2014-04-08 18:17:17 UTC

not sure why you think it's not enabled by default upstream because it is.  the code might be confusing because it negates the definition (OPENSSL_NO_HEARTBEATS) and it isn't explicitly *disabled* by default.

hence the ebuild enables it by default.

Comment 2 Dirkjan Ochtman (RETIRED) 2014-04-09 08:00:48 UTC

I gave three reasons for disabling, you dismissed just one. Do you think the others are completely worthless?

Comment 3 SpanKY 2014-04-09 19:24:30 UTC

well, you've provided no data to back up the first claim.  that leaves the "extra code" part which isn't really enough to sway me -- upstream enables it by default is good enough for me.

Comment 4 Alex Legler (RETIRED) 2014-04-10 12:40:18 UTC

*** Bug 507322 has been marked as a duplicate of this bug. ***

Comment 5 Vikraman (RETIRED) 2014-04-10 23:40:11 UTC

Some more arguments to consider:

http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/ssl/Makefile?rev=1.29;content-type=text%2Fx-cvsweb-markup

https://news.ycombinator.com/item?id=7568921

Comment 6 Alex Legler (RETIRED) 2014-04-13 14:15:51 UTC

*** Bug 507566 has been marked as a duplicate of this bug. ***