Bug#976991: I am stepping up to help with the GnuTLS → OpenSSL switch in OpenLDAP

[Ryan Tandy]

On Wed, Jul 26, 2023 at 09:54:16AM +0000, John Scott wrote:
>I'll write some TLS autopkgtests, we'll rebuild reverse dependencies 
>and see how they fare, it'll be great.

That's an excellent first step, thanks for looking into it!

Regarding staging in experimental, Sergio currently uses that for 
merging new upstream versions into Ubuntu. Not raising that as a blocker 
per se, just to be aware that coordination might be appreciated.

I don't really expect issues with reverse dependencies. It'll be good to 
confirm, but I'd be surprised if any users of the library have 
significant issues. The things that really concern me are:

- does changing the TLS backend affect the ABI of libldap, requiring a 
   library transition (it "shouldn't", but sometimes things leak 
   unintentionally)

- determining how upgrades work for people who currently use 
   TLSCipherSuite or the equivalent slapd settings, and supporting them 
   through the transition (before and after trixie's release)

Thanks for taking steps to move this forward!