WolfSSL and Netatalk
Hi everyone, I'm reaching out to you all as the upstream maintainer of Netatalk (and also co-uploader of the deb package.) As a quick recap about Netatalk: It is an open source implementation of Apple's AFP protocol, used for file sharing and other network services for new and old Macs (and even Apple IIs). One major issue that this project has dealt with over the last year or so, is that OpenSSL deprecated DHCAST128 and DES cryptography with their version 3.0 release. These are used in Netatalk for authentication with old Mac OS clients. I raised this with the OpenSSL project some time ago, but the current consensus is that they won't reverse their decision. https://github.com/openssl/openssl/issues/22158 A few days ago, we released Netatalk 3.2.0 which comes bundled with a customized subset of WolfSSL as SSL provider. However, when I spoke to a Debian developer last year about this very topic, they told me that using WolfSSL for packaged software in Debian required some kind of special exemption and approval. Hence this email. What is the best way to go about this? Cheers, Daniel
Bug#1074056: ITP: golang-github-goccy-go-json -- Fast JSON encoder/decoder compatible with encoding/json
Package: wnpp Severity: wishlist Owner: Mathias Gibbens X-Debbugs-CC: debian-devel@lists.debian.org, debian...@lists.debian.org * Package name: golang-github-goccy-go-json Version : 0.10.3-1 Upstream Author : Masaaki Goshima * URL : https://github.com/goccy/go-json * License : BSD-3-clause, Expat Programming Lang: Go Description : Fast JSON encoder/decoder compatible with encoding/json Drop-in replacement of encoding/json that is fast and supports flexible customization with options. Can propagate context.Context to MarshalJSON or UnmarshalJSON and dynamically filter the fields of the structure type-safely. This is a new dependency required to update golang-github-minio-minio- go-v7 and will be team-maintained within the Go Packaging Team. signature.asc Description: This is a digitally signed message part
Bug#1074057: ITP: djstub -- DJGPP-compatible stub manipulation tools
Package: wnpp Severity: wishlist Owner: Stephen Kitt X-Debbugs-Cc: debian-devel@lists.debian.org * Package name: djstub Version : 0.0~git20240621.49e7ba6-1 Upstream Author : Stas Sergeev * URL : https://github.com/stsp/djstub * License : GPL Programming Lang: C Description : DJGPP-compatible stub manipulation tools This package provides DJGPP-compatible tools to manipulate stubbed executables, i.e. the MS-DOS MZ launcher for DOS-extended binaries: . - djstubify to modify the stub itself, in COFF and PE executables; - djlink to link ELF binaries and produce a dj64 executable; - djstrip to strip dj64 executables. . It includes a dj64-compatible stub, for use with dosemu2. It can be used with go32-compatible stubs, but no such stub is included. This is a build dependency for dosemu2-related tools.
Bug#1074072: ITP: python-libpulse -- asyncio interface to the Pulseaudio and Pipewire pulse library
Package: wnpp Severity: wishlist Owner: Sebastian Ramacher X-Debbugs-Cc: debian-devel@lists.debian.org, sramac...@debian.org * Package name: python-libpulse Version : 0.2 Upstream Contact: Xavier de Gaye * URL : https://gitlab.com/xdegaye/libpulse * License : MIT Programming Lang: Python Description : asyncio interface to the Pulseaudio and Pipewire pulse library libpulse is a Python project based on asyncio, that uses ctypes to interface with the pulse library of the PulseAudio and PipeWire sound servers. The interface is meant to be complete. That is, all the constants, structures, plain functions and async functions are made available by importing the libpulse module of the libpulse package. Cheers -- Sebastian Ramacher
Re: WolfSSL and Netatalk
Hi, > A few days ago, we released Netatalk 3.2.0 which comes bundled with a > customized subset of WolfSSL as SSL provider. > However, when I spoke to a Debian developer last year about this very > topic, they told me that using WolfSSL for packaged software in > Debian required some kind of special exemption and approval. > wolfssl is packaged in Debian, did you try to build netatalk with the packaged version? Debian doesn't like code copies in sources, so if it builds fine with the packaged version, removing it from the source that ends up in Debian will fix all issues. (I didn't check for licence compabilites and such things, guess you've done that already). Hope that helps, Bernd -- Bernd ZeimetzDebian GNU/Linux Developer http://bzed.dehttp://www.debian.org GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F
Bug#1074075: ITP: pa-dlna -- pa-dlna forwards audio streams to DLNA devices
Package: wnpp Severity: wishlist Owner: Sebastian Ramacher X-Debbugs-Cc: debian-devel@lists.debian.org, sramac...@debian.org * Package name: pa-dlna Version : 0.11 Upstream Contact: Xavier de Gaye * URL : https://gitlab.com/xdegaye/pa-dlna * License : MIT Programming Lang: Python Description : pa-dlna forwards audio streams to DLNA devices A Python project based on asyncio, that uses ctypes to interface with the libpulse library and supports the PulseAudio and PipeWire sound servers. pa-dlna is composed of the following components: * The pa-dlna program forwards PulseAudio streams to DLNA devices. * The upnp-cmd is an interactive command line tool for introspection and control of UPnP devices. * The UPnP Python sub-package is used by both commands. Cheers -- Sebastian Ramacher
Re: WolfSSL and Netatalk
On Sunday, June 23rd, 2024 at 6:35 AM, Bernd Zeimetz wrote: > > > Hi, > > > A few days ago, we released Netatalk 3.2.0 which comes bundled with a > > customized subset of WolfSSL as SSL provider. > > However, when I spoke to a Debian developer last year about this very > > topic, they told me that using WolfSSL for packaged software in > > Debian required some kind of special exemption and approval. > > Hi Bernd, > > wolfssl is packaged in Debian, did you try to build netatalk with the > packaged version? > > Debian doesn't like code copies in sources, so if it builds fine with > the packaged version, removing it from the source that ends up in > Debian will fix all issues. > This is a reasonable request. I did try to build with Debian's WolfSSL libraries last year. At the time (September 2023) I concluded that the DES compatibility headers (des.h etc.) were missing altogether from Debian's WolfSSL package, and therefore could not be used for this purpose with Netatalk. Some discussion in https://github.com/Netatalk/netatalk/issues/358 > (I didn't check for licence compabilites and such things, guess you've > done that already). > All of the original WolfSSL codebase is GPLv2 licensed, which is the same license that Netatalk uses. However, a handful of source files (five of them to exact) are licensed under the traditional SSLeay license. They constitute key parts of the OpenSSL compatibility layer... > > Hope that helps, > > Bernd > It helps very much, thank you! Sincerely, Daniel
