Linking coreutils against OpenSSL

To: debian-devel@lists.debian.org
Cc: Michael Stone <mstone@debian.org>
Subject: Linking coreutils against OpenSSL
From: Benjamin Barenblat <bbaren@debian.org>
Date: Thu, 09 Nov 2023 17:38:05 -0500
Message-id: <[🔎] 87v8aaa6ya.jfx@dymaxion.benjamin.barenblat.name>

Dear Debian folks,

coreutils can link against OpenSSL, yielding a substantial speed boost
in sha256sum etc. For many years, this was inadvisable due to license
conflicts. However, as of bookworm, coreutils requires GPL-3+ and
OpenSSL is Apache-2.0, so I believe all license compatibility questions
have been resolved.

What would you think about having coreutils Depend on libssl3? This
would make the libssl3 package essential, which is potentially
undesirable, but it also has the potential for serious user time savings
(on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
coreutils’ internal implementation).

Alternatively, what would you think about making sha256sum etc.
divertible and providing implementations both with and without the
OpenSSL dependency?

Best,
Benjamin

Reply to:

Follow-Ups:
- Re: Linking coreutils against OpenSSL
  - From: Luca Boccassi <bluca@debian.org>
- Re: Linking coreutils against OpenSSL
  - From: Simon Richter <sjr@debian.org>
- Re: Linking coreutils against OpenSSL
  - From: Julian Andres Klode <jak@debian.org>
- Re: Linking coreutils against OpenSSL
  - From: Guillem Jover <guillem@debian.org>

Prev by Date: Bug#1055634: ITP: asahi-nvram -- NVRAM utilities for Apple Silicon (arm) machines
Next by Date: Re: Linking coreutils against OpenSSL
Previous by thread: Bug#1055634: ITP: asahi-nvram -- NVRAM utilities for Apple Silicon (arm) machines
Next by thread: Re: Linking coreutils against OpenSSL
Index(es):
- Date
- Thread