On Fri, 19 Apr 2013 09:22, h...@symas.com said: > Excuse me? By what measure is this correct? Certainly not by any > published official documentation.
The correct solution is to let the application handle this. But I don't want to repeat this now. "most correct" here means, it is not worse than what GNUTLS or any other library might do in case requirements (initialization of Libgcrypt) have not been met. As a historic note let me add that Nikos, the GNUTLS author, once approached me to find way to avoid passing an initialization hook up to the application. After a lot of discussion we finally came up with this INITIALIZATION_FINISHED_P hack. > The OpenLDAP library doesn't want one thing or another at all. It > simply is expected to use GnuTLS on Debian and it initializes it as > documented. Well, it also needs to initialize Libgcrypt. But GNUTLS takes care of it and tries to do the Right Thing if that has not been done. Which works in most cases. > Frankly, speaking for the OpenLDAP Project, what we want is to delete > all support for GnuTLS. It is, like Mozilla NSS, a poorly designed API Split OpenLDAP into a daemon and a simple access library and things would be more robust. This also avoids the hard library dependencies and the need for applications to runtime link to several versions of the same library. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
