On Jul 9, 2007, at 5:27 PM, Stephen Fisher wrote:

> The current action taken by the configure script when the user  
> specifies
> --with-ssl but gnutls is not found

This is confusing as hell.

First of all, "--with-ssl" really means "--with-ssl's--lcrypto- 
library" - it doesn't cause us to link with -libssl, it causes us to  
link with -lcrypto, which is presumed to be the OpenSSL crypto library  
(or, at least, one that's close enough).

The reason why we ask about that is that, at least according to the  
folks at the FSF, one of the licenses for OpenSSL is incompatible with  
the GPL (both v2 and v3):

        http://www.fsf.org/licensing/licenses/

(search for "OpenSSL license").

At least one of the reasons why we might need -lcrypto is that we use  
NetSNMP to get information about particular SNMP variable bindings.   
We don't need all the functionality of NetSNMP, we just need the  
ability to read MIB files and find out what type a particular variable  
is - but, unfortunately, as some of the unused functionality of  
NetSNMP might require routines from -lcrypto, depending on how NetSNMP  
was built, you might have to link with -lcrypto in order to get  
NetSNMP.  I don't know whether we use any -lcrypto routines elsewhere.

> Should we make the configure script stop when it can't enable --with- 
> ssl
> because gnutls is missing?

No.  As indicated, "--with-ssl" doesn't ask for GNU TLS, it just asks  
for a -lcrypto that is the OpenSSL one or a compatible one.  (In  
particular, it looks for a -lcrypto with a routine named EVP_md5().)

>  I didn't catch the message as it flew by and
> saw SSL yes so I didn't realize it needed gnuTLS (I just figured it
> could do it with openssl instead).

What is the "it" in "it needed gnuTLS"?  The SSL decryption?

We might be able to use -libssl for that, or we might only need - 
lcrypto; I don't know which, if any, of those are the case.
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Reply via email to