Bug#767372: Reassigning to pantomime

To: intrigeri <intrigeri@debian.org>, 767372@bugs.debian.org, 756852@bugs.debian.org
Subject: Bug#767372: Reassigning to pantomime
From: Yavor Doganov <yavor@gnu.org>
Date: Sun, 16 Nov 2014 19:02:25 +0200
Message-id: <877fyvoz8e.GNU's_not_UNIX!%yavor@gnu.org>
Reply-to: Yavor Doganov <yavor@gnu.org>, 767372@bugs.debian.org
In-reply-to: <85389jtdn5.fsf__4628.5068885938$1416148777$gmane$org@boum.org>
References: <871tppojj5.GNU's_not_UNIX!%yavor@gnu.org> <85389jtdn5.fsf__4628.5068885938$1416148777$gmane$org@boum.org>

intrigeri wrote:
> Yavor Doganov wrote (30 Oct 2014 11:59:26 GMT) :
> > An attempt to contact the original authors of GNUMail and LuserNET
> > for request for relicensing under GPL + OpenSSL exception has
> > failed, so the problem will be solved in the library by switching
> > to GnuTLS.
> 
> * there's a sponsorship request: https://bugs.debian.org/767372

Aron Xu was kind to upload it on 1st Nov, but the upload was rejected
[*] because I've managed to mess the .orig.tar.gz somehow.  I've
reuploaded the package to mentors.d.n with the correct tarball.

[*] http://permalink.gmane.org/gmane.linux.debian.devel.gnustep/3275

>   Upstream asks Yavor a question that's not been answered yet.

My fault.  LibreSSL is not in Debian, and it won't solve the problem
anyway because the licensing issue will be the same AFAICT.

The package builds fine against the GnuTLS OpenSSL wrapper.  I haven't
performed any runtime tests with this variant because I'm reluctant to
go that route.  Using the OpenSSL wrapper will make the library
effectively GPL, which in turn would make distribution of non-GPLed
apps impossible.  I know of at least one such program (not in Debian,
but used to have Debian users).

> I don't personally feel comfortable introducing a crypto-related
> patch in Debian, that upstream won't take, and that apparently
> hasn't been looked at by many persons yet.

The patch is fairly simple and straightforward, and I've tested it
extensively with gnumail (the other rdep, lusernet.app, is not
technically affected as it doesn't use SSL-aware methods).  I knew in
advance that it would be rejected upstream because it doesn't cater
for MuckOS X.

> I hope this problem can be fixed on the long term,

It will be fixed by using GnuTLS proper, yes.  I would have done that
in the first place but upstream doesn't want to use autoconf so
supporting many GnuTLS releases would be tricky.  That's why I've
delayed the work for post-jessie, especially given the fact that the
present patch works nicely and eliminates the problem, for !Darwin
platforms at least.

> but I doubt that anyone who doesn't have a good knowledge of both
> pantomime *and* crypto libraries can sensibly sponsor the proposed
> upload.

Really?  That is a rather high barrier for sponsoring...

> As far as Jessie is concerned, I fail to see what can reasonably be
> done except letting pantomime1.2 and lusernet.app be auto-removed

That would be unfortunate.  (And makes me think whether I should have
swept the problem under the carpet by not reporting the bug...)

Reply to:

Prev by Date: Bug#769810: RFS: phamm/0.6.2-1.1 [RC][NMU]
Next by Date: Bug#768878: RFS: sfarklib/0.20131219gitee08d0c-1 [ITP]
Previous by thread: Bug#767372: Reassigning to pantomime
Next by thread: Bug#769810: RFS: phamm/0.6.2-1.1 [RC][NMU]
Index(es):
- Date
- Thread