On 6/23/26 12:52, Eric Biggers wrote: > On Tue, Jun 23, 2026 at 11:04:14AM -0400, Luiz Augusto von Dentz wrote: >>> +=== ================================================================== >>> +0 AF_ALG is unrestricted. >>> + >>> +1 AF_ALG is supported with a limited list of algorithms. The list >>> + is designed for compatibility with known users such as iwd and >>> + bluez that haven't yet been fixed to use userspace crypto code. >> >> Is the expectation that we go shopping for userspace crypto here? > > Yes, same as what 99% of userspace already does. Probably you'll just > want to link to OpenSSL, but it could be something else if you want.
Hard disagree on OpenSSL. It's not a good library. See <https://cryptography.io/en/latest/statements/state-of-openssl/>. Distributions should ship AWS-LC and either rebuild reverse dependencies when needed, or work with upstream to catch ABI breaks. -- Sincerely, Demi Marie Obenour (she/her/hers)
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
