[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] let's fix the openssl backend once and for all
From: |
Tim Rühsen |
Subject: |
Re: [Bug-wget] let's fix the openssl backend once and for all |
Date: |
Fri, 31 Oct 2014 19:49:33 +0100 |
User-agent: |
KMail/4.14.2 (Linux/3.16-3-amd64; KDE/4.14.2; x86_64; ; ) |
Am Freitag, 31. Oktober 2014, 11:00:00 schrieb Giuseppe Scrivano:
> Darshit Shah <address@hidden> writes:
> > On Thu, Oct 30, 2014 at 4:48 PM, Giuseppe Scrivano <address@hidden>
wrote:
> >> Tim Rühsen <address@hidden> writes:
> >>> as I wrote to Mike: It is the OpenSSL code within Wget. Wget compiled
> >>> with
> >>> GnuTLS does not show any problems.
> >>
> >> and this remembers us that maintaining two different backends is not a
> >> good idea. I am for just moving to GNU TLS and forget about OpenSSL.
> >> It is a bit drastic but I think it is a better move for the long term.
> >> And we get rid of the copyright exception as well...
> >>
> >> What you all think?
> >
> > I think OpenSSL is being used by way too many of our users as a SSL
> > backend and that we should continue to support it. Despite what the
> > project aimed for, GNUTLS has not managed to gain the adoption /
> > popularity that OpenSSL enjoys. In my opinion, we should clean up our
> > code-base and ensure that everything works with a good set of unit
> > tests.
> >
> > Maintaining two backends for OpenSSL and GNUTLS may be difficult, but
> > it is something we must work with. More people use Wget with the
> > OpenSSL backend than the number of people who use Wget on WIndows +
> > VMS. Yet we continue to support those architectures and want to
> > eliminate OpenSSL? Yes, it's hard, but we only need to up the ante and
> > clean up the code base, not run away from the real problem and simply
> > drop OpenSSL.
>
> yes, but in the OpenSSL vs GnuTLS case they have only to change a
> library and they will have the same functionalities, while dropping
> support for Windows or VMS means not offering any alternative to these
> users.
>
> What do you think about the idea Daniel proposed on this same thread?
For the whole developer community it would be a big benefit, no doubt.
But the work has to be done by someone... Daniel knows how much it is before
such a library finds it's way into the distributions.
Let's see, if there is someone who wants to do the work (well, I guess there
will be much support by developers).
We could say for the moment we stay with GnuTLS and OpenSSL and ask the drop
question in a year or so again. At least not rush a decision.
BTW, today I found out that valgrind actually reports false positives when
using (some functionality of) OpenSSL. There are some documents in the net
regarding this problem (OpenSSL reads uninitialized memory to get more
entropy). I'll come up with a post on this, not mixing topics here.
Tim
signature.asc
Description: This is a digitally signed message part.
- [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Darshit Shah, 2014/10/27
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Tim Ruehsen, 2014/10/27
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Tim Ruehsen, 2014/10/27
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Tim Ruehsen, 2014/10/27
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Tim Ruehsen, 2014/10/28
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Mike Frysinger, 2014/10/29
- Re: [Bug-wget] [Bug-Wget] Patch Test-proxied-https-auth.px, Tim Rühsen, 2014/10/29
- [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Giuseppe Scrivano, 2014/10/30
- Re: [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Darshit Shah, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all,
Tim Rühsen <=
- Re: [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Mike Frysinger, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Mike Frysinger, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Ray Satiro, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Tim Ruehsen, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all (was: Patch Test-proxied-https-auth.px), Daniel Stenberg, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Giuseppe Scrivano, 2014/10/31
- Re: [Bug-wget] let's fix the openssl backend once and for all, Daniel Stenberg, 2014/10/31