On 28 January 2011 17:36, Juan Lang juan.lang@gmail.com wrote:
What's the issue with building GnuTLS? Is it that GnuTLS doesn't support the Mac Keychain? Is it that it's an external dependency? If the latter, we already pull in quite a bit that isn't found on the Mac, so the incremental change isn't large.
Note that I wasn't actually involved in any of this on the CodeWeavers side, but I think for CodeWeavers the consideration would be that we'd prefer to not be in the business of distributing GnuTLS, since it's extra stuff to carry around, and you'd have to keep track of security issues, etc. Although I think it's perfectly reasonable to ask Wine users, regardless of OS, to install GnuTLS if they want Schannel support, I don't think the same thing is necessarily reasonable to ask of CrossOver users.
On the other hand, as a Wine (and Free Software in general) developer I'm not so convinced this would really be beneficial to Wine either.
I do see two problems with the general plan. One isn't specific to your plan: schannel as it is is buggy. We don't know where the bugs are, and they've languished for a long time. Your proposed plan
Sadly some of that is probably my responsibility. The original plan was to implement server support after the client code went in, and then use that for writing tests. It didn't quite turn out that way, mostly due to wined3d taking priority.
On 30 January 2011 20:31, James McKenzie jjmckenzie51@earthlink.net wrote:
The point is that MacOSX has built-in TLS support out of the box. Why build GNU TLS when using MacOSX when it is not needed???
To reduce complexity and maintenance overhead of the Wine schannel code.