On Mon, Jun 2, 2008 at 6:12 AM, Sebastian Nowicki <sebnow@gmail.com> wrote:
On 02/06/2008, at 6:58 PM, Xavier wrote:
On Mon, Jun 2, 2008 at 12:32 PM, Antonio Huete Jimeenz <ahuete.devel@gmail.com> wrote:
For the checksum verification it might be ok to use openssl since it's in base for almost all BSD system. But what about linux? You'll have to install it before using makepkg, and this means a dependency.
In the case of CHOST usage, I haven't explained it fine. It's not related to this checksum issue. I'll try to explain it better in another thread :)
openssl is in the base group of archlinux, so it is supposed to be installed on every system. But when you look at the number and the importance of the packages requiring it, it is fully justified : http://archlinux.org/packages/122/ I can even hardly imagine a linux distro without it. Or am I mistaken?
It is an issue, but openssl is only 7mb, which should be an issue on almost all systems, and on embedded systems where disk space may be scarce, Archlinux probably wouldn't run anyway (afaik there's a project for that purpose). As Xavier mentioned it's in core, so with a typical install (installing everything in base), it should be installed on the system.
2 points: 1. openssl as we've no found out does not have a loss in functionality, it can do all of the algorithms we need. 2. It doesn't even need to be installed on every system, just every system used *to build packages*. However, I would highly doubt you can find a system in the wild that doesn't have openssl installed. Since we have no loss in portability or functionality with openssl, I say lets go for it. Be sure to adjust the comments at the top of makepkg where it lists programs needed to run so we can keep that up to date. -Dan