Heya! Some of the systemd developers have been discussing switching systemd's crypto libraries to be exclusively OpenSSL 3.0, and drop support for older OpenSSL versions, as well as any GNUTLS/libgcrypt support. As you might have noticed OpenSSL 3.0 has been released recently, and for the first time resolves the GPL2 license incompatibility mess comprehensively, which opens this door to us.
I personally care a lot about reducing the combinatorial explosion of deps a bit, and keeping our tree as maintainable as we can, with a single implementation of everything, not multiple, and no abstraction layers and such, and thus removing any compat kludges for other libraries or other library versions. Now, before we make a decision on this, I'd like to collect feedback on such a move. I know that there are some people who backpart new systemd onto old distros. How big would the pain be require porting OpenSSL 3, too, at the same time? (What's not up for discussion: for new additions to systemd we'll do only OpenSSL, and won't accept anything else. My question is really just about the stuff we aleady have, where we currently support GNUTLS/libcgrypt.). Anyway, I'd be interested in your thoughts about this. i.e. hear multiple takes, opinions, from differently people and positions? Thanks, Lennart
