curl-library
Supporting GPL/non-GPL (GnuTLS/OpenSSL) at the same time [was Re: Debian Development That Might Hit You]
Date: Fri, 19 Aug 2005 19:23:53 +0200
This is the technical part, I thought I'd put it in a separate mail.
Daniel, it'd be great if the problem were solved by you as upstream, in a
way which also solves it for Debian (and other distros). That way, the
chances of cross-distro binary compatibility of libcurl will be much
better!
First, try to understand the Debian POV for this. Assume the following:
- Future versions of curl will offer different features depending on
whether they're built with OpenSSL or GnuTLS, or both.
- Program A (BSD-licensed) allows users to choose between OpenSSL/GnuTLS at
runtime
- Program B (GPL-licensed) only uses GnuTLS, must not link against OpenSSL,
not even if it never calls it. (I know, kinda silly, but that's life.)
- Debian wants to support both A and B.
A and B should be installable at the same time.
My proposed solution:
Always build and install just one libcurl.so. Building two versions might
be OK as a short-term solution, but it invites all sorts of "fun" for
program A above, which would link against two /almost/ identical versions
of the same code.
The trick: Create your own "libcurl-ssldummy.so" version of OpenSSL. It
provides symbols for the entire OpenSSL API, but returns an error if any
function is called.
In the next step, make curl-config output the right library switches:
- When program A (BSD, uses OpenSSL+GnuTLS) is built, it just uses the
regular "curl-config --libs" to get its linker flags. It gets back -lssl
(and friends), -lgnutls (and friends) or none of these two, depending on
whether libcurl was built with(out) OpenSSL/GnuTLS support.
- When program B (GPL-licensed) is built, it passes a special switch to
curl-config, e.g. "curl-config --libs --no-openssl". It gets the same
flags as without the --no-openssl switch, EXCEPT that -lssl and friends
have been replaced with "-lcurl-ssldummy".
B will link just fine using the dummy SSL library. When the B binary is
run, it is *not* linked against OpenSSL at all.
>From the POV of libcurl: libcurl should determine during runtime whether
OpenSSL is really available, e.g. by checking for a special return value of
SSL_get_version(). If it is available, use it, otherwise fall back to
GnuTLS, or let the program choose.
Cheers,
Richard
-- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯Received on 2005-08-19