[Opendnssec-develop] Dependencies & stock distributions
sion at nominet.org.uk
sion at nominet.org.uk
Wed Dec 16 15:12:12 UTC 2009
> > I think we require the latest versions (or almost latest versions)
> of dnsruby, ldns, and botan. These are the fundamental libraries
> that we use in OpenDNSSEC. We have found bugs in them that were
> critical to fix.
>
> Good point... it's about bugfixes, not features.
>
> If it were for features only, an older version would do. These older
> versions would be easier for distro's. Given the option of backporting
> bugfixes into distro's, would it be an idea to list the following for
> all dependencies?
>
> 1. Older software version that has enough features
> 2. Bugfixes since then that are needed
> -> e.g. patchrefs, or quotes from dependency's changelogs
>
> This could greatly simplify the life of packagers and thus improve the
> chances of OpenDNSSEC being adopted into distributions and indeed
> becoming a turnkey solution for all those distro users. This in turn
> simplifies cooperation with an HSM that supports only certain distros.
For the enforcer's sqlite dependency we test for the most recent API call
that we make (sqlite_prepare_v2) but if this fails then we lie about the
required version (it says 3.4.2 when 3.3.9 would be enough).
As for bug fixes I'm not sure that it is possible to be certain which ones
might effect us, or if there are inter-dependencies of bug fixes... (E.g.
3.3.10 and 3.3.11 both talk about bug fixes to sqlite_prepare_v2; but
without testing these versions I don't know if they are required or not.)
When you are talking about centos5.2 running sqlite 3.3.6 (from June 2006)
the number of bug fixes is quite large.
Sion
More information about the Opendnssec-develop
mailing list