On Sat, Sep 8, 2012 at 11:18 AM, Graham Leggett <[email protected]> wrote: > On 8 Sep 2012, at 13:46, Jeff Trawick <[email protected]> wrote: > >> Also, on platforms where OpenSSL is installed in a usual location, you only >> need >> >> --with-crypto --with-openssl >> >> Why does it work like this? APR-Util supports either NSS or OpenSSL >> libraries (or presumably others in the future) and forces you to >> choose which one. > > At no point are you forced to choose which one, you can choose one, either or > both. > > A packager would compile both so the end user can choose at runtime which > library to use. > > A developer would choose both so that the unit tests that test cross > compatibility would run. > >> Adding "Specify the crypto library using --with-openssl or --with-nss" >> to the "Crypto was requested but no crypto library was enabled" >> message will definitely help. > > +1. > >> Possibly defaulting to --with-openssl if --with-crypto is requested >> but neither library is specified would be fine. > > Ideally have them all defaulted to on, however my understanding is that > "default on" wasn't a good thing for crypto code. (would he happy if this > proves not to be needed, default on is easier for end users)
Enabling a particular crypto library by default would only be done if --with-crypto was requested. The global default (no crypto) wouldn't change. But if you enable the crypto feature you could avoid having to specify a particular implementation, unless the search path had to be overridden. > > Regards, > Graham > -- > -- Born in Roswell... married an alien... http://emptyhammock.com/
