On Mon, Sep 11, 2023 at 08:49:13PM +0100, Stuart Henderson wrote: > On 2023/09/11 21:48, Theo Buehler wrote: > > On Mon, Sep 11, 2023 at 09:41:39PM +0200, Bjorn Ketelaars wrote: > > > Diff below switches sysutils/borgbackup/2.0 from OpenSSL-1.1 to > > > OpenSSL-3.0. Reason to switch is the EOL status of OpenSSL-1.1.1. > > > > If you land this, please also update the comments regarding bumps at the > > top of the openssl/1.1 and openssl/3.0 Makefiles. > > > > Has anyone ever tested borgbackup on BTI/IBT machines? > > > > Works fine with borgbackup/1.2, but I don't think that uses OCB.
My understanding is that only 2.0 links against OpenSSL, so 1.2 should be fine anyway. The rason I'm asking is that I am still unclear to what extent OpenSSL and its consumers are affected by BTI. robert hit some things with node and thus switched it to 3.1 because of its native BTI/IBT support. For borgbackup/2.0 it is not entirely obvious what parts are routed through hashlib/LibreSSL and which parts are directly pulled in from the statically linked openssl. It might be worth running regress tests on a capable machine and if there are issues use 3.1 instead.
