Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Debian package uses libcurl3-gnutls but OpenWrt use libcurl4 #59

Closed
stokito opened this issue Jul 23, 2022 · 2 comments
Closed

Debian package uses libcurl3-gnutls but OpenWrt use libcurl4 #59

stokito opened this issue Jul 23, 2022 · 2 comments
Labels
not an issue

Comments

@stokito
Copy link

stokito commented Jul 23, 2022
edited
Loading

I'm confusing about dependencies and would be glad if you can clarify.
On Ubuntu and Debian the uacme package depends on libcurl4.
I didn't found the debian folder with control file but apt shows these dependencies:

Depends: libc6 (>= 2.33)
  Depends: libcurl3-gnutls (>= 7.38)
  Depends: libev4 (>= 1:4.04)
  Depends: libgnutls30

So here I see that the libcurl3-gnutls is used directly by the uacme e.g. not just libcurl3 which may use a different backend by default.
Also the libgnutls30 is used directly by the uacme itself and the package was compiled with it. That's fine.

The question is why not use the libcurl4 dependency? As far I understood there is no any libcurl4-gnutls but it will internally pick up an installed backed library, right?
Update yes, it can be dynamically load an available TPS backend https://curl.se/mail/lib-2017-08/0118.html

The things become more weird for OpenWrt. There the uacme package uses the libcurl4 (not 3!) which itself depends on WolfSSL as it's now the default library for OpenWrt in last releases. But OpenWrt team working on moving back to MbedTLS.

In the same time the uacme itself depends on libmbedtls12. This is understandable but still some OpenWrt based firmwares for routers like Turris and Gl.inet are using just OpenSSL. Maybe for them it would be better to create a separate package like uacme-openssl.

Another strange thing is that the OpenWrt uacme package doesn't depend on libev. In the same time I see that the library is just included into sources. Is it statically linked or something like that?
There is some issue that may be related openwrt/packages#19015
@ndilieto
Copy link
Owner

On debian stable uacme build-depends on libcurl4-gnutls-dev as you can see at https://packages.debian.org/source/bullseye/uacme and libcurl4-gnutls-dev depends on libcurl3-gnutls as you can see at https://packages.debian.org/bullseye/libcurl4-gnutls-dev (the curl source package at https://packages.debian.org/source/bullseye/curl doesn't build any ibcurl4-gnutls).

Note that uacme can be compiled with any of GnuTLS (the default), OpenSSL or mbedTLS. It is up to the distribution to chose which one. On debian I am also the package maintainer and I chose GnuTLS. On OpenWRT the maintainer chose - understandably - mbedTLS.

Also note that uacme carries its own local copy of libev but if the configure script finds a system wide libev it will pick it up. The OpenWRT maintainer recently added libev to the dependencies, see openwrt/packages@1642b68

@ndilieto ndilieto closed this as not planned Won't fix, can't repro, duplicate, stale Jul 23, 2022
@stokito
Copy link
Author

stokito commented Jul 23, 2022

Thank you for the clarification

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
not an issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stokito @ndilieto