libgit2 switch from mbedTLS to OpenSSL

Michael Hudson-Doyle michael.hudson at
Thu Jun 30 23:06:10 UTC 2022

On Wed, 29 Jun 2022 at 20:33, Simon Chopin <simon.chopin at>

> Hi!
> As part of our efforts to support the Rust toolchain in main, we need to
> have libgit2 in main (dependency of cargo). However, it currently links
> against mbedTLS for its HTTPS backend rather than OpenSSL, for licensing
> reasons IIUC. Those reasons would now be invalid with the new OpenSSL
> 3.0 licensing.
> I'd like to switch it back to OpenSSL to avoid pulling yet another TLS
> implementation in main, however I'm a bit fuzzy whether this would
> constitute a breaking change for the libgit2 package. The libgit2
> library does not expose anything from its crypto implem as part of its
> API, nor does it re-export any of their symbols (assuming I understand
> the output of readelf -s correctly).
> Could someone confirm that this does not represent a breaking change?

I can't see any way that the selection of the backend leaks into the ABI in
a quick poke around in libgit2. I presume you've built the .so both ways
and looked at the dynamic symbol tables? (actually the symbols file
probably helps here!)

If the same names are exported then we'd only be in trouble if the
arguments to a function have changed somehow and I can't see how that would
happen given the libgit2 headers.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the ubuntu-devel mailing list