Closed stokito closed 2 years ago
On debian stable uacme build-depends on libcurl4-gnutls-dev as you can see at https://packages.debian.org/source/bullseye/uacme and libcurl4-gnutls-dev depends on libcurl3-gnutls as you can see at https://packages.debian.org/bullseye/libcurl4-gnutls-dev (the curl source package at https://packages.debian.org/source/bullseye/curl doesn't build any ibcurl4-gnutls).
Note that uacme can be compiled with any of GnuTLS (the default), OpenSSL or mbedTLS. It is up to the distribution to chose which one. On debian I am also the package maintainer and I chose GnuTLS. On OpenWRT the maintainer chose - understandably - mbedTLS.
Also note that uacme carries its own local copy of libev but if the configure script finds a system wide libev it will pick it up. The OpenWRT maintainer recently added libev to the dependencies, see https://github.com/openwrt/packages/commit/1642b68d4583c45e87b9628a38ae039e23617e0d
Thank you for the clarification
I'm confusing about dependencies and would be glad if you can clarify. On Ubuntu and Debian the uacme package depends on libcurl4. I didn't found the
debian
folder with control file but apt shows these dependencies:So here I see that the
libcurl3-gnutls
is used directly by theuacme
e.g. not justlibcurl3
which may use a different backend by default. Also thelibgnutls30
is used directly by theuacme
itself and the package was compiled with it. That's fine.The question is why not use the
libcurl4
dependency? As far I understood there is no anylibcurl4-gnutls
but it will internally pick up an installed backed library, right? Update yes, it can be dynamically load an available TPS backend https://curl.se/mail/lib-2017-08/0118.htmlThe things become more weird for OpenWrt. There the
uacme
package uses thelibcurl4
(not 3!) which itself depends on WolfSSL as it's now the default library for OpenWrt in last releases. But OpenWrt team working on moving back to MbedTLS.In the same time the
uacme
itself depends onlibmbedtls12
. This is understandable but still some OpenWrt based firmwares for routers like Turris and Gl.inet are using just OpenSSL. Maybe for them it would be better to create a separate package likeuacme-openssl
.Another strange thing is that the OpenWrt
uacme
package doesn't depend onlibev
. In the same time I see that the library is just included into sources. Is it statically linked or something like that? There is some issue that may be related https://github.com/openwrt/packages/issues/19015