Closed zhfish closed 7 months ago
Not sure it's the right thing to do. Vendored openssl has various drawbacks e.g. it can't respect the system root certificate, and it doesn't get updated so it's not as secure. Also I wonder if this impact binary size
My system is Rocky8, and the Glib version is 2.28, which is very inconvenient to upgrade. Although the size of the binary file has been increased, I believe it is well worth it
In that case, can you try only vendor openssl for musl release?
You're right. I've made the modifications, enabling vendor dependencies exclusively for musl compilation.
I added dependencies to Cargo, ensuring that OpenSSL is correctly included with features during the compilation of musl, eliminating the need to separately handle OpenSSL for musl. We still find musl necessary because handling dependencies can be quite challenging.
300