[oe] Fwd: Re: wpa_supplicant and GnuTLS
Phil Blundell
philb at gnu.org
Wed Sep 9 10:30:41 UTC 2009
On Wed, 2009-09-09 at 09:32 +0200, Holger Hans Peter Freyther wrote:
> On Tuesday 08 September 2009 09:23:46 Howard Chu wrote:
> > On the Always Innovating TouchBook I've found that the wpa_supplicant
> > always fails on WPA-EAP authentication in its default package, built with
> > GnuTLS. It works fine when I rebuild it using OpenSSL. It's surprising the
> > number of packages in the distro that depend on GnuTLS. I think you should
> > seriously reconsider relying on such a volatile library in your builds.
>
> Thanks, do you note that there are at least two things to consider? OpenSSL is
> considered to not be GPL compatible. So people that want to distribute
> binaries or don't want to advertize Eric Young can use GnuTLS or no SSL at
> all..
Or yassl, I guess. I haven't tried it myself, but in theory yassl is
meant to be approximately API-compatible with openssl so it might not be
too much of an upheaval to make wpa-supplicant work with it.
That aside, though, which SSL library to use is probably something that
ought to be a DISTRO choice rather than hard-wired. Both OpenSSL and
GnuTLS clearly have their downsides and neither of them is going to be
suitable in all situations.
p.
More information about the Openembedded-devel
mailing list