On Wed, 14 Apr 2004 09:44:01 +0100, Colin Watson said: > It is very painful to change the version of libgcrypt7 in base at this > point. Doing this will break debian-installer testing, which is the > reason we asked for no further changes to the package lists in the base
I was not aware of the wide use Debian suddenly made of libgcrypt, despite that libgcrypt was flagged as work-in-progress. Fortunately that revealed a lot of problems we have by now solved. The major change between libgcrypt7 and 11 is an API change in the gcry_ac_* interface. This interface is pretty new and I doubt that it is used by any non-experimental package. Thus the migration to 11 should not be too problematic. The advantage of 11 is that we now use versioned symbols (ala glibc) to avoid future ABI breaks. This won't help us right now but will be very helpful in the future. There is another huge problems with applications inadvertently using Libgcrypt: The might link to two version of Libgcrypt. OpenLDAP for example uses gnutls which in turn uses libgcrypt1 - any new application or development project using libgcrypt and LDAP (say for key retrieval) will probably link against two versions - that is a Bad Thing. I don't see any solution other then to remove all libgcrypt versions except for the stable one (11). Yes, this needs updates of a lot of packages but source code changes shouldn't be too hard because gnutls seems to be the major user of libgcrypt. I am sorry for that and I regret that I forgot to subscribe to the libgcrypt7 PTS. Werner