On 10/11/15 17:32, Peter Wu wrote:
Hi,
Michal reported to me that a recent change in the SSL dissector was not
compatible with older GnuTLS versions[1].
The changes introduced the use of functions gnutls_pubkey_import and
gnutls_pubkey_import_rsa_raw which were introduced with GnuTLS 2.12.0 in
2011-03-24 (2.11.3 development). Michal is using (RHEL6?) GnuTLS 2.8.5
(released in November 2009).
Since the minimum Qt4 version for upcoming Wireshark 2.0 is already
higher than what RHEL6 ships, would you mind if the GnuTLS version is
also bumped?
Since GnuTLS is optional [and I don't do decryption very often ;-)] I
don't really mind. I can't say that I know how much the rest of the
RHEL 6 world uses decryption though.
But you do raise a good point: I should start doing test compiles of the
2.0 rc on RHEL 6. I hadn't realized my users would have to continue
using the Gtk+ GUI. Too bad...
Speaking of bumping library versions, can we also bump the glib and
libgcrypt versions? Current versions are glib 2.14 and libgcrypt
1.1.92. If we could go to glib 2.28 (Feb 2011) and gcrypt 1.5.0 (Jun
2011), it would enable us to use newer functions such as
g_list_free_full.
The glib change is OK for me (for RHEL 6) but it does appear to mean
we'd lose support for all SLES versions; I'd tend to think that would be
a bad thing.
In my mind libgcrypt is the same as GnuTLS: it's optional so while it
would be annoying for some users it also wouldn't be the end of the world.
