On Mon, Sep 11, 2023 at 10:14:30PM +0100, Stuart Henderson wrote: > On 2023/09/11 22:12, Theo Buehler wrote: > > On Mon, Sep 11, 2023 at 08:49:13PM +0100, Stuart Henderson wrote: > > > On 2023/09/11 21:48, Theo Buehler wrote: > > > > On Mon, Sep 11, 2023 at 09:41:39PM +0200, Bjorn Ketelaars wrote: > > > > > Diff below switches sysutils/borgbackup/2.0 from OpenSSL-1.1 to > > > > > OpenSSL-3.0. Reason to switch is the EOL status of OpenSSL-1.1.1. > > > > > > > > If you land this, please also update the comments regarding bumps at the > > > > top of the openssl/1.1 and openssl/3.0 Makefiles. > > > > > > > > Has anyone ever tested borgbackup on BTI/IBT machines? > > > > > > > > > > Works fine with borgbackup/1.2, but I don't think that uses OCB. > > > > My understanding is that only 2.0 links against OpenSSL, so 1.2 should > > be fine anyway. > > > > The rason I'm asking is that I am still unclear to what extent OpenSSL > > and its consumers are affected by BTI. robert hit some things with node > > and thus switched it to 3.1 because of its native BTI/IBT support. > > > > For borgbackup/2.0 it is not entirely obvious what parts are routed > > through hashlib/LibreSSL and which parts are directly pulled in from > > the statically linked openssl. It might be worth running regress tests > > on a capable machine and if there are issues use 3.1 instead. > > Seems OK as long as the test suite is enough to exercise this.
Thanks. 3.0 is fine with me then. Hard to be 100% sure here...