RFC: Adding Mac support to secur32/schannel.c
damjan.jov at gmail.com
Tue Feb 1 02:02:33 CST 2011
On Tue, Feb 1, 2011 at 3:08 AM, Juan Lang <juan.lang at gmail.com> wrote:
> Hi Ken, thanks for the reply.
> > As Henri said, it's that it's a set of external dependencies (not just
> one; GnuTLS has its own dependencies) and that they are security-related.
> To the greatest extent practical, security-related libraries should come
> from one's distro or OS vendor.
> Sure, I can buy that. I'll note that OpenSSL is also available for
> the Mac, and already loaded by wininet and winhttp. It could be
> appropriate to move from GnuTLS to OpenSSL for schannel, so we'd only
> have a single implementation for both Linux and Mac in schannel.
OpenSSL seems like a bad idea. It has poor binary compatibility and
problematic FIPS 140 certification, and Fedora is dropping it in favour of
OpenSSL isn't part of the LSB (while NSS is), so if we ever want to make a
Wine LSB package, it might be a good idea to get OpenSSL out of Wine
entirely. See also the August 2008 wine-devel thread about this:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the wine-devel