Re: Linking coreutils against OpenSSL
On Thu, Nov 09, 2023 at 11:13:51PM +0000, Luca Boccassi wrote:
> On Thu, 9 Nov 2023 at 22:54, Benjamin Barenblat <bbaren@debian.org> wrote:
> >
> > Dear Debian folks,
> >
> > coreutils can link against OpenSSL, yielding a substantial speed boost
> > in sha256sum etc. For many years, this was inadvisable due to license
> > conflicts. However, as of bookworm, coreutils requires GPL-3+ and
> > OpenSSL is Apache-2.0, so I believe all license compatibility questions
> > have been resolved.
> >
> > What would you think about having coreutils Depend on libssl3? This
> > would make the libssl3 package essential, which is potentially
> > undesirable, but it also has the potential for serious user time savings
> > (on recent Intel CPUs, OpenSSL’s SHA-256 is over five times faster than
> > coreutils’ internal implementation).
>
> This sounds great. systemd also uses OpenSSL for various things, so
> libssl3 is pretty much a given on any bootable installation anyway
> already.
Strongly agree. In addition to possible performance gains I think there are
other benefits. Fewer better reviewed crypto implementations and a single
upgrade path would be two, especially since like you say libcrypto is pretty
much always there anyway.
>
> > Alternatively, what would you think about making sha256sum etc.
> > divertible and providing implementations both with and without the
> > OpenSSL dependency?
>
> Please, no, no more diversion/alternatives/shenanigans, it's just huge
> and convoluted complications for no real gain.
>
+1
Reply to: