On 2014-02-07 12:12 , Jakub Wilk wrote: > What attic/crypto.py currently does is: > > libcrypto = cdll.LoadLibrary(find_library('crypto')) > > But there is no guarantee that find_library('crypto') returns a library > that is ABI-compatible with the Python code. For the Debian package, a > quick&dirty fix is to replace the find_library() call with > 'libcrypto.so.1.0.0', then hardcode libssl1.0.0 in Depends. But that of > course means that the package would need a sourceful upload by the next > OpenSSL transition.
You're right. The "find_library('crypto')" line itself won't guarantee any ABI-compatibility but a "Depends: libssl1.0.0 (>= 1.0.0)" line will. This thread started because I noticed that the package unnecessarily listed python3-openssl as a dependency (and python3-openssl depends on "libssl1.0.0 (>= 1.0.0)"). So I suggested to drop the middleman and replace the "Depends: python3-openssl" line with "Depends: libssl1.0.0 (>= 1.0.0)" since the python3-openssl code itself isn't needed, just the libssl1.0.0 dependency. So from my point of view this somehow changed from being about a one line change/improvement in debian/control to a discussion about python best practices and code rewrite. That said, Debian packages are important and I'm willing to do whatever changes it takes to make Attic "debian compatible". / Jonas
signature.asc
Description: OpenPGP digital signature