arekinath
commented
4 months ago Originally, we bundled LibreSSL specifically for MacOS (since using the system dylib there is painful). It became convenient to build a "mostly static" library for Linux for use in initramfs as well. And then, for quite a while we were carrying around a patch to LibreSSL for some parts of the pivy-ca code -- but this was upstreamed late in the 3.7 releases.
I don't think there's really any reason now why we couldn't go back to only bundling it on MacOS. FWIW, the OpenBSD part of the Makefile already uses their system LibreSSL. It would just require some Makefile fiddling.
Why do you bundle LibreSSL? Can it be at least linked dynamically with system-provided LibreSSL?