Thursday, 30 June 2022

Re: libgit2 switch from mbedTLS to OpenSSL

On Wed, 29 Jun 2022 at 20:33, Simon Chopin <> wrote:

As part of our efforts to support the Rust toolchain in main, we need to
have libgit2 in main (dependency of cargo). However, it currently links
against mbedTLS for its HTTPS backend rather than OpenSSL, for licensing
reasons IIUC. Those reasons would now be invalid with the new OpenSSL
3.0 licensing.

I'd like to switch it back to OpenSSL to avoid pulling yet another TLS
implementation in main, however I'm a bit fuzzy whether this would
constitute a breaking change for the libgit2 package. The libgit2
library does not expose anything from its crypto implem as part of its
API, nor does it re-export any of their symbols (assuming I understand
the output of readelf -s correctly).

Could someone confirm that this does not represent a breaking change?

I can't see any way that the selection of the backend leaks into the ABI in a quick poke around in libgit2. I presume you've built the .so both ways and looked at the dynamic symbol tables? (actually the symbols file probably helps here!)

If the same names are exported then we'd only be in trouble if the arguments to a function have changed somehow and I can't see how that would happen given the libgit2 headers.