Laszlo Boszormenyi wrote: >> No, this is a very bad idea. No application linking against libneon should >> *care* whether it's linked with gnutls or not; you should *not* expose this >> in the library name. > You are right, that's why I made them conflict with each other, as both > provide the same library name. Would be the proposed -dev change be > acceptable?
Better -dev conflict than have apps uninstallable. It is common sense! Also, the applications do not care which lib they are linked with, but the license does => legal does => Debian does. >> The question is, *why provide a version of neon linked against OpenSSL at >> all*? > Upstream develop with OpenSSL, GnuTLS support has been just added, not > tested too much. Should work, but close to releasing Etch I don't want > to break Subversion and/or OpenOffice.org . Still, upstream will develop > with OpenSSL, I can not garantee that it will always work and have the > same security support. Also it would fetch more dependencies (GnuTLS > related just for neon) and I don't know if Subversion serving over https > would interfere with Apache2 or not. Reason: Apache2 is linked with > OpenSSL, Subversion and neon will be linked with GnuTLS. > For now, I will ask what upstream says about this. Please decide if I > should switch to GnuTLS support only; but then please schedule binNMUs > for Subversion and OpenOffice.org . I agree. GnuTLS is not a well tested replacement for OpenSSL. Possibly breaking OpenOffice is not a good idea either. - Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
