Wednesday 29 June 2022

libgit2 switch from mbedTLS to OpenSSL

Hi!

As part of our efforts to support the Rust toolchain in main, we need to
have libgit2 in main (dependency of cargo). However, it currently links
against mbedTLS for its HTTPS backend rather than OpenSSL, for licensing
reasons IIUC. Those reasons would now be invalid with the new OpenSSL
3.0 licensing.

I'd like to switch it back to OpenSSL to avoid pulling yet another TLS
implementation in main, however I'm a bit fuzzy whether this would
constitute a breaking change for the libgit2 package. The libgit2
library does not expose anything from its crypto implem as part of its
API, nor does it re-export any of their symbols (assuming I understand
the output of readelf -s correctly).

Could someone confirm that this does not represent a breaking change?

Cheers,
--
Simon Chopin
Foundations Team Ubuntu Core Dev
simon.chopin@canonical.com schopin@ubuntu.com

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel