Re: Linking coreutils against OpenSSL

[Julian Andres Klode <jak@debian.org>]

On Thu, Nov 09, 2023 at 05:38:05PM -0500, Benjamin Barenblat wrote:
> Dear Debian folks,
> 
> coreutils can link against OpenSSL, yielding a substantial speed boost
> in sha256sum etc. For many years, this was inadvisable due to license
> conflicts. However, as of bookworm, coreutils requires GPL-3+ and
> OpenSSL is Apache-2.0, so I believe all license compatibility questions
> have been resolved.
> 
> What would you think about having coreutils Depend on libssl3? This
> would make the libssl3 package essential, which is potentially
> undesirable, but it also has the potential for serious user time savings
> (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> coreutils’ internal implementation).

I plan to switch APT to OpenSSL for trixie too, so this is not a huge
concern to me. It was rightfully pointed out that systemd already uses
it, so it's already on bootable systems, with APT using it, it will also
be around in chroots.

> 
> Alternatively, what would you think about making sha256sum etc.
> divertible and providing implementations both with and without the
> OpenSSL dependency?

Oh please no. There should be a single build of coreutils. There
is no point in doing multiple ones.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en