Wireshark-dev: Re: [Wireshark-dev] Is it possible to update the version of gcrypt?
From: Bálint Réczey <balint@xxxxxxxxxxxxxxx>
Date: Tue, 27 May 2014 17:41:24 +0700
Hi,

2014-04-01 9:58 GMT+07:00 Gerald Combs <gerald@xxxxxxxxxxxxx>:
> On 3/31/14, 6:35 PM, Pascal Quantin wrote:
>> 2014-03-31 20:02 GMT+02:00 Gerald Combs <gerald@xxxxxxxxxxxxx
>> <mailto:gerald@xxxxxxxxxxxxx>>:
>>
>>     On 3/30/14 10:00 AM, Pascal Quantin wrote:
>>     > 2014-01-08 0:25 GMT+01:00 Pascal Quantin <pascal.quantin@xxxxxxxxx
>>     <mailto:pascal.quantin@xxxxxxxxx>
>>     > <mailto:pascal.quantin@xxxxxxxxx <mailto:pascal.quantin@xxxxxxxxx>>>:
>>
>>     >     Gerald, according to the README.Wireshark file found in
>>     >     gnutls-2.12.18-1.2-win32ws archive, you manually modified the
>>     >     OpenSUSE packages:
>>     >       - Definition files were created using "pexports".
>>     >       - Import libraries were created using the MSVC++ "lib" utility
>>     >     using the "make-lib.sh" script.
>>     >     I do not know where to find those utilities neither how to use
>>     them.
>>
>>     "pexports" is its own package in OpenSUSE, although it looks like
>>     "gendef" (or even libtool itself) might be the preferred way to generate
>>     .def files nowadays.
>>
>>     "make-lib.sh" is in the "bin" directory in
>>     gnutls-2.12.18-1.2-win32ws.zip. It's just a series of "lib"
>>     commands, e.g.
>>
>>     lib /machine:x86 /def:libgcrypt-11.def /name:libgcrypt-11.dll \
>>       /out:libgcrypt-11.lib
>>
>>
>>     >     Maybe those missing steps on my side can explain my issue.
>>     Would you
>>     >     be OK if we to try to upgrade those libraries? If yes, could
>>     you help?
>>     >
>>     >     2 small things I noted:
>>     >     - libgcrypt-11.dll/lib is now renamed libgcrypt-20.dll/lib. It
>>     >     impacts config.nmake, Makefile.nmake,
>>     >     cmake\modules\FindGCRYPT.cmake, packaging\nsis\wireshark.nsi and
>>     >     ui\qt\QtShark.pro
>>     >     - the openSUSE libraries require an extra libgcc_s_sjlj-1.dll file
>>     >     found in mingw32-libgcc-4.8.2-1.2.noarch.rpm archive (my own
>>     >     compiled libraries did not need it but I failed to compile a win64
>>     >     variant so far).
>>
>>     It looks like that's an exception handling library which can be linked
>>     statically:
>>
>>     http://stackoverflow.com/questions/12921911/mingw-libgcc-s-sjlj-1-dll-is-missing
>>
>>     >
>>     >
>>     > Hi all,
>>     >
>>     > I restarted playing with the libraries provided by OpenSUSE this
>>     weekend
>>     > and was able to get libgcrypt 1.6.0 working on my Windows machine.
>>     > The remaining problem is that we should either recompile GnuTLS
>>     2.12.18
>>     > with this newer libgcrypt (Im' not willing to do so), or upgrade
>>     GnuTLS
>>     > to the version 3.1.22 provided by OpenSUSE.
>>     > We deactivated the use of GnuTLS 3.X in the past due to their move to
>>     > GPL3.0. But according to their website and the header files, the core
>>     > library is still LGPL 2.1+. Would it make it usable for us?
>>
>>     GnuTLS switched to LGPLv3+ in version 3.0, then back to LGPLv2.1+ in
>>     version 3.1.10. We need switch to a newer 3.x release at some point
>>     since the 2.12 branch is no longer maintained as far as I know. However,
>>     we need to be careful with the version of GMP that we ship since it
>>     switched to LGPLv3+:
>>
>>     https://gmplib.org/list-archives/gmp-devel/2013-August/003357.html
>>
>>
>> OK, here is where I stand.
>> I have a patch allowing to build win32 and win64 (presumably, I do not
>> have access to my win64 machine for a few days) Wireshark against GnuTLS
>> 3.1.22 and Grrypt 1.6.0 (thanks to the pre built packages provided by
>> OpenSUSE).
>> The newer GnuTLS 3.1.22 package creates new dependencies on the
>> following packages: libgmp-5.0.5, libnettle-2.7-3, libhogweed-2.7-3,
>> libp11-kit0-0.20.1 and libffi-3.0.13.
>> Nettle is LGPL, p11-kit and ffi license does not seem problematic, and
>> GMP 5.0.5, as you stated, is LGPLv3+ (only release 4.2.1 seems usable).
>> So this is definitely a blocker.
>> There is also an issue with the libp11-kit0-0.20.1 library provided by
>> OpenSUSE folks. It uses the function strerror_s from MSVCRT.dll, but
>> this symbol is not exported by the Windows XP MSVCRT (it is running fine
>> on Windows 7). I was about to try to recompile the p11-kit library
>> myself to avoid this dependency but the GMP licensing issue is
>> depressing (I did not check yet how difficult it was to recompile the
>> 4.2.1 version and hope that it would work with the GnuTLS pre compiled
>> library).
>
> It looks like GMP has been relicensed to GPLv2+ / LGPLv3+ as of 6.0.0
> (released a few days ago). Hopefully the OBS packages will be updated soon.
I have just switched the wireshark package in Debian to use GnuTLS 3
with the appropriate GMP:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747578

Cheers,
Balint