On Tue, 14 Dec 2010 16:59:34 -0600 Ted Zlatanov wrote: TZ> On Fri, 26 Nov 2010 15:10:39 +0100 Lars Magne Ingebrigtsen wrote: LMI> Is 2.10.x at least backwards-compatible, so that if we do implement the LMI> complicated 2.8.x features, it'll continue to work in the future, too? TZ> Yes. They try really hard to keep backwards compatibility. I'd guess TZ> for all 2.x releases we'll be OK unless there's newer features we simply TZ> must have :) Argh, GnuTLS 2.8.x is still standard on Ubuntu 10.10, so practically we should support it. Below is my first (untested) patch to generate the HAVE_GNUTLS_CALLBACK_CERTIFICATE_RETRIEVE and HAVE_GNUTLS_CALLBACK_CERTIFICATE_VERIFY definitions in the configure.in using AC_CHECK_FUNCS and then use them (currently just #ifdef placeholders) in gnutls.c. I plan to retrieve them from the :callbacks alist parameter to `gnutls-boot'. Regenerating "configure" failed for me. I get this error at the end: ./configure: line 12620: gl_ASSERT_NO_GNULIB_POSIXCHECK: command not found ./configure: line 12621: gl_ASSERT_NO_GNULIB_TESTS: command not found ./configure: line 12622: gl_INIT: command not found checking for lstat... yes ./configure: line 12648: syntax error near unexpected token `lstat' ./configure: line 12648: `gl_SYS_STAT_MODULE_INDICATOR(lstat)' at the end. But it gets far enough that I can tell the tests are being run. This is why the patch is untested; I'll see if I can figure out why that's happening. It may be an Ubuntu oddity. Please let me know if the proposed approach is reasonable and if you have any comments. In theory this should be pretty trivial. Thanks Ted