Bug#368297: About the libgcrypt and OpenLDAP issue
Adam D. Barratt
adam at adam-barratt.org.uk
Thu Apr 18 18:24:41 UTC 2013
On Thu, 2013-04-18 at 18:58 +0200, Werner Koch wrote:
> On Tue, 16 Apr 2013 20:37, adam at adam-barratt.org.uk said:
>
> > libgcrypt maintainers - any thoughts on this?
>
> Did anything change since my comments from 2010?
>
> OpenLDAP needs to get it right and it would even be better if all
> applications would set up a their policy regarding their demand for
> private key protection. For instacne by setting up a custom memory
> handler.
>
> My current problem with OpenLDAP is that it can't be used anymore with
> GnuTLS 3 because the OpenSSL emulation switched to GPLv3+
GnuTLS 3 isn't particularly relevant to getting this RC bug fixed in
wheezy, given that wheezy will be shipping with 2.12.
> The straightforward solution would be to change OpenLDAP to use the
> native GNUTLS API and while at it also fix the libgcrypt
> initialization.
In less than two weeks, without introducing any new bugs?
The realistic alternatives as far as I can see currently are that the
suggested fix gets applied or this bug remains unfixed for wheezy.
Opinions that help towards a constructive resolution appreciated.
Regards,
Adam
More information about the Pkg-gnutls-maint
mailing list