Page MenuHomeFreeBSD

secure/openvpn: Make lzo compression optional

Authored by diizzy on Jan 15 2020, 2:07 PM.



Make lzo dependency optional and if both compression libraries are disabled add --enable-comp-stub to enabled "allow limited interoperability with compression-enabled peers".

Test Plan

Poudriere log (lz4 and lzo disabled)

Diff Detail

rP FreeBSD ports repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

This lacks a motivation/rationale and win-and-loss consideration on why we would want a possibility to configure the package in a way that is harmful to compatibility when OpenVPN has been supporting LZO for all the years from basically day 0, is a lightweight reliable and readily available (binary packaged) compression library.

I am extremely inclined to reject this, you'll need to bring really strong reasons to the table. "Just because we can" will not suffice. And even then the implementation is a mess and needs to move the compression-option logic all into one central place before it becomes even fit for consideration.

Meaning this proposal requires substantial rework. Sorry.

While I understand your concern about compatibility that can be applied to pretty much any port with some kind of configuration option regarding dependencies. The idea is to simply give the user an option to exclude unneeded libraries as compression isn't always beneficial in terms of performance primarily on embedded devices such as ones based on MIPS and ARM (example and these are often removed on devices running OpenWrt for instance. In addtion to that it may also be a security concern see: for instance.

I'll commit a clean-up version of this.

This revision was not accepted when it landed; it landed in state Needs Review.Jan 26 2020, 2:40 PM
This revision was automatically updated to reflect the committed changes.

Thanks, I got busy on my end.