[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: libgcrypt brain dead?

On Tue, Mar 09, 2010 at 10:34:37AM +1100, Brian May wrote:
> Unfortunately, gcrypt is used by gnutls, which is used in ldap, which
> is frequently used in PAM and NSS. So this is an issue. There might be
> other NSS and PAM modules that use it too.

> What is the solution? Should we go back to using openssl, at least
> with libraries such as openldap that are commonly used in pam and nss
> modules?

There is no "going back" to openssl.  OpenSSL is license-incompatible with
many LDAP-using applications in Debian, and I don't see any way that we can
justify distributing an LDAP library that *doesn't* support TLS in this day
and age.

If gcrypt is broken, then we should fix gcrypt.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

Attachment: signature.asc
Description: Digital signature

Reply to: