On Tue, Feb 4, 2014 at 11:55 AM, David Woodhouse <dwmw2 at infradead.org> wrote: >> gnutls uses gnulib (which I found out that sometimes could have >> side-effects - such as replacing recv and send). Would loading succeed >> if done in openconnect directly? > This *is* in openconnect directly. > http://git.infradead.org/users/dwmw2/openconnect.git/blob/HEAD:/gnutls.c#l230 > Don't get me started (again) on how much we have to do in openconnect > directly because the various crypto libraries don't give us a simple > "use <this> cert/key that the user specified on the command line" that > Does The Right Thing(tm) :) Your complaints were noted and were eventually fixed, so I believe that you could reduce the code in the gnutls part by 30-40% at the cost of depending on a newer gnutls version. So eventually you helped future projects :) regards, Nikos
