Is GnuTLS 2.10.0 really required?

LogTools’ configure script checks for GnuTLS 2.10.0 as a minimum precondition to build LogTools. At the time of this writing, that version is usually not included with distros. So can it be relaxed and an earlier version used?

Unfortunately, no. We use some higher-level functionality that was first introduced with GnuTLS 2.10.0 (namely the hash functions). In theory, we could use lower-level functions in order to build with older versions. However, this would complicate things when we move forward to full-blown digital signatures (which we intend to do soon), so it is not a really good option. Instead, we have implemented support for OpenSSL as a fallback. OpenSSL has supported the required functionality for quite a while now, so the OpenSSL fallback option will most probably work on conservative distros. The fallback is not automatically enabled, as this may not be what the user actually intends. Instead, it must be turned on explicitly. To use OpenSSL, specify “--enable-openssl” as a ./configure option.

Note that LogTools contains a crypto backend interface (specified in logcry.h). So if someone wants to add additional backends, this can be done with relative ease. So far, we have no plans to support backends other than GnuTLS and OpenSSL ourselves.
