Require libgcrypt 1.4.4 or later?

Simon Josefsson simon at josefsson.org
Thu Feb 18 13:13:59 CET 2010


Nikos pointed out that we could avoid some issues by requiring a newer
libgcrypt version, and I agree.  Looking at the libgcrypt NEWS file, it
seems 1.4.4 contains some fixes for HMAC-SHA-2 that looks useful.  It
was released on 2009-01-22, so anyone contemplating installing the next
stable release GnuTLS 2.10.x shouldn't find it too problematic to find
it.  Thus, unless I hear any objections, I will make GnuTLS require
libgcrypt 1.4.4 or newer.

To clarify, this has no relevance for 2.8.x.

/Simon

Sebastien Decugis <sdecugis at nict.go.jp> writes:

>> This shouldn't be needed unless you call GCRYCTL_INITIALIZATION_FINISHED
>> in your program. gnutls_global_init() should take care of the functions
>> you describe. Which version of libgcrypt do you use? (does it fix the
>> issue if you use the latest?)
>>   
>
> I was using the Debian default version (1.4.1). I just tested with
> latest (1.4.5) and the issue is gone. I think I will leave the command
> in my code, so that it works even with the "bad" mix: gnutls 2.8.5 with
> gcrypt 1.4.1.
>
> Thank you for the tip!
> Best regards,
> Sebastien.





More information about the Gnutls-devel mailing list