[OE-core] [PATCH] wpa-supplicant: Compile without CONFIG_GNUTLS_EXTRA
Phil Blundell
philb at gnu.org
Fri Jan 6 13:07:51 UTC 2012
On Fri, 2012-01-06 at 01:39 +0100, Andreas Oberritter wrote:
> On 05.01.2012 22:30, Andrei Gherzan wrote:
> > From: Andrei Gherzan <andrei.gherzan at windriver.com>
> >
> > CONFIG_GNUTLS_EXTRA is needed as support for TLS/IA which was designed to be used
> > in the EAP-TTLSv1. As we don't see any requirement for that protocol today we decided
> > to remove it from wpa-supplicant .config file.
>
> With this option removed, is there any reason to prefer GnuTLS over
> OpenSSL? OpenSSL is wpa-supplicant's default, and at least Ubuntu uses
> OpenSSL with it, too. I guess it's tested more thoroughly than GnuTLS.
OpenSSL's license can be a nuisance at times because it is incompatible
with the GPL. In the particular case of wpa-supplicant it doesn't
present a massive problem since wpa-supplicant itself is dual-licensed
and you can just ship the binaries under the BSD license instead.
However:
a) you might want to modify wpa-supplicant by linking it with GPL code,
which would require the resulting binary to also be distributed under
the GPL (and hence prohibit the use of openssl); or
b) you might already be using GnuTLS elsewhere on the system (e.g. for
other programs which are GPL-only or simply don't include support for
OpenSSL at a technical level). In this case you probably want to link
wpa-supplicant with GnuTLS as well so as to avoid shipping more SSL
libraries than necessary.
So, ideally, I think the choice as to whether OpenSSL or GnuTLS is
preferred should be a DISTRO_FEATURE, and/or a PACKAGECONFIG option for
wpa-supplicant.
p.
More information about the Openembedded-core
mailing list