[Pkg-openldap-devel] Post-etch OpenLDAP work
Russ Allbery
rra at debian.org
Wed Mar 7 07:07:21 UTC 2007
Steve Langasek <vorlon at debian.org> writes:
> On Sat, Mar 03, 2007 at 11:23:01PM -0800, Russ Allbery wrote:
>> First, the work to make GnuTLS a fully supported SSL option is
>> underway. It will result in both new OpenLDAP and new GnuTLS releases,
>> mostly likely. It should be complete by the lenny release, at which
>> point my hope is that we can provide library and slapd packages built
>> against GnuTLS for lenny.
> Very much looking forward to it... :)
Yeah, me too. :)
>> I don't know whether it would be worth trying to figure out how to
>> provide packages built against OpenSSL at the same time or not. My
>> guess is that the OpenSSL support will continue to be more mature for
>> at least some time, which means that large sites with heavy loads may
>> wish to use it. Given how interlinked everything is with the
>> libraries, and given the existance of LDAP NSS modules, it's difficult
>> to get this right.
> Yeah, I can't imagine it being worth the effort of maintaining two
> versions of the slapd package officially.
Okay.
I expect that we'll want to figure out some way of building such packages
internally, but I can think of several ways of automating that which
wouldn't require putting the support into the Debian packages themselves.
>> What I'd like to propose is that we branch the repository and that we
>> (mostly Quanah, but other people in my group may also contribute)
>> develop our packages on a branch. This lets the people working on the
>> initial cut of packages not have to serve two masters and aim first at
>> getting something put together that we're willing to run in production
>> and that meets our local requirements.
> Yes, that seems fair. Will this branch use the current Debian packaging
> as a starting point?
I expect so. I don't want to toss anything out needlessly. I expect
that, on the branch, we may be brutal about just turning off things that
don't seem to work right until we get working packages, and then going
back and re-reviewing those areas for final polishing.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-openldap-devel
mailing list