From smurf at smurf.noris.de Thu Aug 11 09:45:49 2005 From: smurf at smurf.noris.de (Matthias Urlichs) Date: Thu Aug 11 11:01:43 2005 Subject: [gnutls-dev] gnutls vs. openldap problems Message-ID: Hi, oenldap2 no longer compiles against gnutls. The reason are the gnutls_x509_extract_certificate_* functions. They now only are in gnutls-openssl, which contains GPL code and thus cannot be linked with openldap2. Worse, the license in libextra/openssl.c changed from LGPL to GPL. Please consider reverting this and moving this code from libextra/ to lib/. -- Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf@smurf.noris.de Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de - - You had mail. Paul read it, so ask him what it said. From jas at extundo.com Thu Aug 11 12:19:33 2005 From: jas at extundo.com (Simon Josefsson) Date: Thu Aug 11 12:15:28 2005 Subject: [gnutls-dev] Re: gnutls vs. openldap problems In-Reply-To: (Matthias Urlichs's message of "Thu, 11 Aug 2005 09:45:49 +0200") References: Message-ID: Matthias Urlichs writes: > Hi, > > oenldap2 no longer compiles against gnutls. > > The reason are the gnutls_x509_extract_certificate_* functions. > They now only are in gnutls-openssl, which contains GPL code and thus > cannot be linked with openldap2. Worse, the license in libextra/openssl.c > changed from LGPL to GPL. > > Please consider reverting this and moving this code from libextra/ to lib/. Hi. Sounds reasonable, except if there is a problem with those APIs. They look rather useful to me though. Nikos, do we want to promote other APIs now? In the same file, there is also gnutls_x509_verify_certificate, I wonder if it is good. Thanks, Simon From smurf at smurf.noris.de Thu Aug 11 12:52:20 2005 From: smurf at smurf.noris.de (Matthias Urlichs) Date: Thu Aug 11 13:36:45 2005 Subject: [gnutls-dev] Re: gnutls vs. openldap problems In-Reply-To: References: Message-ID: <20050811105220.GA28270@kiste.smurf.noris.de> Hi, Simon Josefsson: > > Please consider reverting this and moving this code from libextra/ to lib/. > > Hi. Sounds reasonable, except if there is a problem with those APIs. > They look rather useful to me though. The code has been used by openldap2 (and presumably others) for some time now. I didn't notice that 1.0 had two copies of the code (the one in lib was marked deprecated for some reason), otherwise I would have asked sooner. Sometimes, having a nice intelligent linker that thinks symbol name conflicts are no big deal really hurts. :-/ -- Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf@smurf.noris.de Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de - - My car was legally parked as it backed into the other vehicle. From smurf at smurf.noris.de Fri Aug 12 00:59:59 2005 From: smurf at smurf.noris.de (Matthias Urlichs) Date: Fri Aug 12 00:57:05 2005 Subject: [gnutls-dev] Re: gnutls vs. openldap problems In-Reply-To: <42FBBA24.1040507@student.tue.nl> References: <42FBBA24.1040507@student.tue.nl> Message-ID: <20050811225959.GE5411@kiste.smurf.noris.de> Hi, Nikos Mavrogiannopoulos: > No this is an old and deprecated API and should not be used. Hmm. Then which API _would_ you suggest to replace gnutls_x509_extract_certificate_issuer_dn gnutls_x509_extract_certificate_dn gnutls_x509_extract_certificate_subject_alt_name ? -- Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf@smurf.noris.de Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de - - BOFH excuse #50: Change in Earth's rotational speed -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : /pipermail/attachments/20050812/3b73a8b6/attachment.pgp From nmav at gnutls.org Fri Aug 12 07:34:23 2005 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri Aug 12 08:36:16 2005 Subject: [gnutls-dev] Re: gnutls vs. openldap problems In-Reply-To: References: Message-ID: <42FC34DF.6010002@gnutls.org> Simon Josefsson wrote: > Matthias Urlichs writes: > > >>Hi, >> >>oenldap2 no longer compiles against gnutls. >> >>The reason are the gnutls_x509_extract_certificate_* functions. >>They now only are in gnutls-openssl, which contains GPL code and thus >>cannot be linked with openldap2. Worse, the license in libextra/openssl.c >>changed from LGPL to GPL. >>Please consider reverting this and moving this code from libextra/ to lib/. > Hi. Sounds reasonable, except if there is a problem with those APIs. > They look rather useful to me though. Nikos, do we want to promote > other APIs now? In the same file, there is also > gnutls_x509_verify_certificate, I wonder if it is good. No this is an old and deprecated API and should not be used. If you insist in using it you can just copy it to your code (it was under LGPL in some versions of gnutls thus you can just copy it from there). Nikos From nmav at gnutls.org Fri Aug 12 18:43:31 2005 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri Aug 12 18:43:54 2005 Subject: [gnutls-dev] Re: gnutls vs. openldap problems In-Reply-To: <20050811225959.GE5411@kiste.smurf.noris.de> References: <42FBBA24.1040507@student.tue.nl> <20050811225959.GE5411@kiste.smurf.noris.de> Message-ID: <42FCD1B3.50304@gnutls.org> Matthias Urlichs wrote: >>No this is an old and deprecated API and should not be used. > Hmm. Then which API _would_ you suggest to replace > > gnutls_x509_extract_certificate_issuer_dn > gnutls_x509_extract_certificate_dn > gnutls_x509_extract_certificate_subject_alt_name The gnutls_x509_crt_* functions. You can check the implementation of the gnutls_x509_extract_certificate_dn() compatibility function to see the ones the replaced it. From akellav at gmail.com Mon Aug 22 18:17:59 2005 From: akellav at gmail.com (venkat akella) Date: Mon Aug 22 19:23:06 2005 Subject: [gnutls-dev] Build gnutls for windows Message-ID: <79ae4fa105082209175ed8d97e@mail.gmail.com> Hi I am trying to build the gnutls-1.2.6 on windows using MingW/Msys environment. But getting some compilation errors saying that termios.h is not found. I saw a windows build of gnutls at the following link. http://ftp.gnupg.org/GnuPG/alpha/gnutls/ So, looks lke gnutls can be built on windows. It would be great if someone can tell how to build gnutls for windows. I could successfully built the libgpg-error-1.1 and libgcrypt-1.2.1 on mingw/msys environment except some tests of libgcrypt failed. Thanks for your time. Venkat