On 10/27/21 4:38 PM, ste...@eissing.org wrote:
> Willy Tarreau made a case on the Debian openssl-dev package list to consider
> adding the openssl fork quictls, so that software that wants to use QUIC/H3
> finds a way forwards:
>
> https://alioth-lists.debian.net/pipermail/pkg-openssl-devel/2021-October/007668.html
>
> I added my support to this idea as a maintainer of apache httpd. But I am just
> single member of the team here. That's why I mention this here, so you can
> add your voice to this, should you feel like it.
I am not sure if this is really a good idea. I fear that there will be symbol
name conflicts
if you load modules that have been compiled against plain openssl as the
library names of quictls and openssl are different (they
use a different version in the filename). In turn this would mean that you need
to recompile all these modules and possible
support libaries e.g. openldap against quictls. This does not sound very
appealing to me.
But I guess without having the SSL library providing an API for this purpose it
will not be possible to implement a quic solution
that leaves the SSL stuff to the SSL library.
Difficult to decide.
Regards
RĂ¼diger
