|
From: | Lassi Kortela |
Subject: | Re: [Chicken-users] Building the openssl egg on MacOS |
Date: | Mon, 15 Jul 2019 23:03:19 +0300 |
User-agent: | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 |
I spent a _little_ while digging into the details of this a few months ago, and my understanding is this: * Apple were suffering version-skew hell because (reportedly) the OpenSSL folk kept changing the ABI for the library. * So they lost patience and deprecated OpenSSL on macOS
Sounds quite plausible.
* ...to the extent that there are now compiler-visible deprecation markers in the relevant still-visible header files. * The doctrine is that one should use Apple's own encryption frameworks (as you noted, Vasilij) * (which work fine, in the pretty basic uses I've made of them, but they don't pretend to be OpenSSL) * ...and act as if there were no OpenSSL library at all on macOS. * As Lassi noted, there is still a LibreSSL library on the system in fact, but I believe it is intended to be strictly for legacy use.
This is the impression I got as well.The thing is, not only are the Apple frameworks non-portable to any other OS but Apple keeps changing, deprecating and merging frameworks from release to release. They just deprecated OpenGL (and didn't adopt Vulkan) in favor of some brand new framework that doesn't work on any non-Apple OS! And Swift may hold the world record for the number of deprecation warnings in any tool. So Apple's own programming interfaces are some of the least stable ever :)
So if you have a tool which depends on Open/LibreSSL, then you need to get it on your machine either from source, or using the package manager of your choice, and not even try using the system one.
Based on the non-portability and difficulty of using Apple's frameworks, and their history of changing them endlessly, I suggest adopting a simple policy to direct all Mac users to Homebrew :)
Of SSL libraries, LibreSSL sounds like it will be the most stable and secure choice. The OpenSSL compatibility makes it extra nice.
[Prev in Thread] | Current Thread | [Next in Thread] |