Bug 247236
| Summary: | www/envoy is marked as broken: does not build with DEFAULT_VERSIONS+=ssl=base: requires BoringSSL | ||
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | uros |
| Component: | Individual Port(s) | Assignee: | Alexey Dokuchaev <danfe> |
| Status: | Open --- | ||
| Severity: | Affects Some People | CC: | andrey, danfe, ulassayginim |
| Priority: | --- | Flags: | linimon:
maintainer-feedback?
(danfe) |
| Version: | Latest | ||
| Hardware: | Any | ||
| OS: | Any | ||
|
Description
uros
2020-06-13 13:42:19 UTC
(In reply to uros from comment #0) > I guess the problem is there is no BoringSSL That is correct. There is 3rd-part work* available for building Envoy purely with OpenSSL, and ultimately I'd want to divorce the port from BoringSSL, but I haven't looked in it closely yet. *) https://github.com/envoyproxy/envoy-openssl @alexey can you please check https://github.com/envoyproxy/envoy-openssl/issues/1 where I asked about openssl support and I don't have anough knowledge to give concrete answer Any reason why we can't use https://svnweb.freebsd.org/ports/head/security/boringssl/ (In reply to Alexey Dokuchaev from comment #1) https://github.com/envoyproxy/envoy-openssl does not have latest version! they have old cmake build version. new version only supports bazel builds please dont forget. have wonderful day! (In reply to uros from comment #3) > Any reason why we can't use [security/boringssl]? We cannot depend on SSL providers directly, but have to do it via the framework. Right now, BoringSSL cannot be used as an SSL provider, mainly because it needs cmake that needs curl that itself needs the SSL provider (see review D20881). You can still hack your ports locally so you can have that dependency, of course. |
