Wireshark · Wireshark-dev: Re: [Wireshark-dev] Supported GnuTLS/glib/libgcrypt versions?

[Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>]

On 10/11/15 17:32, Peter Wu wrote:
> Hi,
>
> Michal reported to me that a recent change in the SSL dissector was not
> compatible with older GnuTLS versions[1].
>
> The changes introduced the use of functions gnutls_pubkey_import and
> gnutls_pubkey_import_rsa_raw which were introduced with GnuTLS 2.12.0 in
> 2011-03-24 (2.11.3 development). Michal is using (RHEL6?) GnuTLS 2.8.5
> (released in November 2009).
>
> Since the minimum Qt4 version for upcoming Wireshark 2.0 is already
> higher than what RHEL6 ships, would you mind if the GnuTLS version is
> also bumped?

Since GnuTLS is optional [and I don't do decryption very often ;-)] I 
don't really mind.  I can't say that I know how much the rest of the 
RHEL 6 world uses decryption though.

But you do raise a good point: I should start doing test compiles of the 
2.0 rc on RHEL 6.  I hadn't realized my users would have to continue 
using the Gtk+ GUI.  Too bad...

> Speaking of bumping library versions, can we also bump the glib and
> libgcrypt versions? Current versions are glib 2.14 and libgcrypt
> 1.1.92. If we could go to glib 2.28 (Feb 2011) and gcrypt 1.5.0 (Jun
> 2011), it would enable us to use newer functions such as
> g_list_free_full.

The glib change is OK for me (for RHEL 6) but it does appear to mean 
we'd lose support for all SLES versions; I'd tend to think that would be 
a bad thing.

In my mind libgcrypt is the same as GnuTLS: it's optional so while it 
would be annoying for some users it also wouldn't be the end of the world.