GNU bug report logs -
#27708
[PROPOSED] Simplify configuration of HAVE_GNUTLS3 etc.
Previous Next
Reported by: Paul Eggert <eggert <at> cs.ucla.edu>
Date: Sat, 15 Jul 2017 16:15:01 UTC
Severity: normal
Tags: patch
Done: Paul Eggert <eggert <at> cs.ucla.edu>
Bug is archived. No further changes may be made.
Full log
Message #29 received at submit <at> debbugs.gnu.org (full text, mbox):
On Sun, 16 Jul 2017 19:08:45 +0300 Eli Zaretskii <eliz <at> gnu.org> wrote:
EZ> Yes, that's what I meant, but I think this won't be useful unless we
EZ> also introduce some fallbacks into the code which uses those new
EZ> functions. AFAICT, it is the case in some of the new APIs that almost
EZ> all of the GnuTLS functions they use are available even before v3.X,
EZ> but then just one function they call needs 3.2.X or 3.4.X. This makes
EZ> the entire API useless (it returns nil), which is a pity, since I'm
EZ> guessing we could code some workaround or maybe provide partial
EZ> functionality instead. Alas, I don't know enough about these
EZ> functions to code such fallbacks.
I think the risk of providing broken or subtly insecure functionality is
bigger if we do workarounds. Also the maintenance effort will be lower
if we pin to specific versions instead of features. I'm inclined to take
Paul's advice on this since he knows this area so well.
Another point is that I'd rather not support GnuTLS 2.x for the new
functionality; 2.12 is deprecated and won't get new updates according to
https://lists.gnupg.org/pipermail/gnutls-devel/2016-November/008220.html
so we should make an effort not to rely on it. I'd even recommend
dropping 2.x support altogether in Emacs 26.
So maybe Paul's approach was best after all :)
Ted
This bug report was last modified 7 years and 343 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.