On Tue, Oct 24, 2023 at 10:42:56AM +0200, Theo Buehler wrote:
> > Updated tarball, now also portcheck clean.
>
> MOD_ENV += ${MODCARGO_ENV}
> QUICHE_BSSL_PATH=${LOCALBAS}/eboringssl
>
> Typo: LOCALBASE
>
> There's no BUILD_DEPENDS on security/boringssl/head which would
> need to be present for this to work.
>
> Is boringssl actually used by the build? I can't spot anything in the
> build log (there are the boring and boring-sys crate, but they aren't
> built) and the deps directory is also empty.
>
> The port seems to produce the same libquiche.a whether boringssl is
> installed or not and whether the typo above is fixed or not.
>
> Is there something missing or does DoQ already work with dnsdist?
>
> If DoQ already works then we can leave the port as it is modulo removal
> of the above line.
>
> If not, we will probably need the boringssl-boring-crate feature and
> teach it to use the eboringssl from ports.
>
libquiche.a definitely tries to use BoringSSL API (which libcrypto
doesn't provide), for example
U EVP_AEAD_CTX_seal_scatter
the bindings are made in quiche/src/tls.rs and quiche/src/crypto.rs.
Is the upcoming dnsdist port going to be linked statically against
libquiche and eboringssl?
