tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: security/gnutls: link against libunbound for DANE support (patch)



J. Lewis Muir transcribed 829 bytes:
> On 09/16, ng0 wrote:
> > I have not really maintained wip/gnutls, back when I added it
> > someone proposed I try and get this into security/gnutls proper.
> > 
> > In a set of software I work on, we highly prefer GnuTLS built
> > against libunbound to get DANE functionality. Right now this
> > pulls in at least unbound (and flex via unbound).
> > There are plans to eventually not depend on unbound for this
> > in GnuTLS itself.
> 
> I don't understand.  Doesn't GnuTLS provide the libgnutls-dane library?
> 
> At
> 
>   https://www.gnutls.org/manual/html_node/Verifying-a-certificate-using-DANE.html#Verifying-a-certificate-using-DANE
> 
> it says
> 
>   The DANE functionality is provided by the libgnutls-dane library
>   that is shipped with GnuTLS and the function prototypes are in
>   gnutls/dane.h.
> 
> What does Unbound have to do with this?
> 
> Regards,
> 
> Lewis

libunbound is required to build this, if you read the build-system of
GnuTLS and open tickets like https://gitlab.com/gnutls/gnutls/issues/21

Without the right dependencies in place, GnuTLS does not build this.


Home | Main Index | Thread Index | Old Index