On 12/5/22 23:27, Theo Buehler wrote:
> On Mon, Dec 05, 2022 at 11:14:56PM +0100, Volker Schlecht wrote:
>> That's switching as in "They bundle OpenSSL 3.07 + QUIC Patch and that's
>> what they develop against".
>
> They also support BoringSSL which does not yet provide any OpenSSL 3 API.
Well ... for some value of 'support' they do:
https://github.com/nodejs/node/issues/25890
>> You seem to be critical about having the dependency on 3.0 ... any reasons I
>> should be aware of?
>
> OpenSSL 1.1 is well tested and a more or less known beast. OpenSSL 3 on
> the other hand... not so much.
Agreed.
> I don't care deeply if OpenSSL 3 is used for this, I just wanted to make
> sure the switch wasn't made blindly since newer is better (which in this
> case it probably isn't).
It really wasn't - I just intend to stick as closely to upstream's
choices as possible without having to get the bundled OpenSSL dependency
to build and work.
No comments:
Post a Comment