[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: libgnutls transition plan (cupsys)

Ivo Timmermans <ivo@o2w.nl> wrote:
> Kenshi Muto wrote:
>> Currently we have many packages using libgnutls7. Of course libgnutls7
>> and libgnutls10 can coexist. But I think it is better that other
>> packages communicate with cupsys by TLS transit to newer libgnutls.

> Don't forget that libgnutls7 and libgnutls10 have versioned symbols,
> so it should be possible to have an executable that is linked (maybe
> indirectly via cupsys) to both.

Afaict gnutls' dependencies (I have only backports of libgcrypt1
1.1.12-1 and libtasn1-0 0.1.2-1 at this computer to check against) are
not using versioned symbols, at least
objdump -p libfoo.so | grep -i "Version definitions"
is not successful.

Could any of our library Gurus enlighten me whether this matters, i.e
whether indirect dependencies also cause the conflicts:

foo ---> libldap2 ---> libgnutls7 ---> libtasn1-0
foo ---> libgnutls10 ---> libtasn1-2

Will this generate breakage if symbols from libtasn1-0 and libtasn1-2

> libgnutls10 is less tested, as Andreas Metzler pointed out.  Of course
> I encourage people to use gnutls10 in favor of gnutls7, the API is
> backwards compatible -- there have only been additions to it.

GNUTLS_CERT_CORRUPTED was removed, but the changelog says it was
unused anyway, so I assume simply removing references to it should be

> But it's just too early to force a switch to gnutls10, IMHO.

Thanks for the advice.
           cu andreas
Hey, da ist ein Ballonautomat auf der Toilette!
Unofficial _Debian-packages_ of latest unstable _tin_

Reply to: