commit: fb6a75fdeced94887cb4e9ca73cfc71dcd874f88
Author: Matt Jolly <kangie <AT> gentoo <DOT> org>
AuthorDate: Thu Jun 20 08:35:25 2024 +0000
Commit: Matt Jolly <kangie <AT> gentoo <DOT> org>
CommitDate: Sat Jun 29 06:52:22 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fb6a75fd
dev-libs/openssl: add USE `quic` to openssl
OpenSSL 3.2+ brings an initial RFC 9000 (QUIC)
implementation that is sufficient for use as a client
or for general experimentation and QUIC / HTTP/3
development.
While 3.2 is sufficient, the API exposed by 3.3 is
more mature; we'll only enable it from here so that
client applications (e.g. net-misc/curl) can be wired up
to test QUIC.
This passes tests upstream and is reported to work, but
Gentoo QUIC support is best described as 'developing';
hic sunt dracones.
Signed-off-by: Matt Jolly <kangie <AT> gentoo.org>
dev-libs/openssl/metadata.xml | 1 +
dev-libs/openssl/openssl-3.3.0.ebuild | 3 ++-
dev-libs/openssl/openssl-3.3.1.ebuild | 3 ++-
3 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/dev-libs/openssl/metadata.xml b/dev-libs/openssl/metadata.xml
index bbf8686ec6e9..a00bd02d7b09 100644
--- a/dev-libs/openssl/metadata.xml
+++ b/dev-libs/openssl/metadata.xml
@@ -9,6 +9,7 @@
<flag name="bindist">Disable/Restrict EC algorithms (as they
seem to be patented) -- note: changes the ABI</flag>
<flag name="fips">Enable FIPS provider</flag>
<flag name="ktls">Enable support for Kernel implementation of
TLS (kTLS)</flag>
+ <flag name="quic">Enable support for QUIC (RFC 9000); a
UDP-based protocol intended to replace TCP</flag>
<flag name="rfc3779">Enable support for RFC 3779 (X.509
Extensions for IP Addresses and AS Identifiers)</flag>
<flag name="sslv2">Support for the old/insecure SSLv2 protocol
-- note: not required for TLS/https</flag>
<flag name="sslv3">Support for the old/insecure SSLv3 protocol
-- note: not required for TLS/https</flag>
diff --git a/dev-libs/openssl/openssl-3.3.0.ebuild
b/dev-libs/openssl/openssl-3.3.0.ebuild
index 97ec87920e44..3c59077a40e6 100644
--- a/dev-libs/openssl/openssl-3.3.0.ebuild
+++ b/dev-libs/openssl/openssl-3.3.0.ebuild
@@ -31,7 +31,7 @@ S="${WORKDIR}"/${MY_P}
LICENSE="Apache-2.0"
SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test
tls-compression vanilla verify-sig weak-ssl-ciphers"
+IUSE="+asm cpu_flags_x86_sse2 fips ktls quic rfc3779 sctp static-libs test
tls-compression vanilla verify-sig weak-ssl-ciphers"
RESTRICT="!test? ( test )"
COMMON_DEPEND="
@@ -198,6 +198,7 @@ multilib_src_configure() {
enable-mdc2
enable-rc5
$(use fips && echo "enable-fips")
+ $(use quic && echo "enable-quic")
$(use_ssl asm)
$(use_ssl ktls)
$(use_ssl rfc3779)
diff --git a/dev-libs/openssl/openssl-3.3.1.ebuild
b/dev-libs/openssl/openssl-3.3.1.ebuild
index 97ec87920e44..3c59077a40e6 100644
--- a/dev-libs/openssl/openssl-3.3.1.ebuild
+++ b/dev-libs/openssl/openssl-3.3.1.ebuild
@@ -31,7 +31,7 @@ S="${WORKDIR}"/${MY_P}
LICENSE="Apache-2.0"
SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test
tls-compression vanilla verify-sig weak-ssl-ciphers"
+IUSE="+asm cpu_flags_x86_sse2 fips ktls quic rfc3779 sctp static-libs test
tls-compression vanilla verify-sig weak-ssl-ciphers"
RESTRICT="!test? ( test )"
COMMON_DEPEND="
@@ -198,6 +198,7 @@ multilib_src_configure() {
enable-mdc2
enable-rc5
$(use fips && echo "enable-fips")
+ $(use quic && echo "enable-quic")
$(use_ssl asm)
$(use_ssl ktls)
$(use_ssl rfc3779)
