Comment 13 for bug 2003668

Hi,

I'm sending an updated version of this package in https://launchpad.net/~aittner/+archive/ubuntu/openssl-pkcs11-sign-provider-upload/+packages ... as the previous was never published, I it will still be -ubuntu1, so no debdiff.

Specific changes:

> debhelper (>= 13),
> debhelper-compat (= 13),

I removed the first dependency and left the one on debhelper-compat, so it will replace both d/compat and the one on dh >= 13.

> pkg-config (>= 1.8.1)

Replaced by pkgconf. I probably let the version slip through when I had to chose between virtual pkg-config and the real pkgconf.

> Depends: libopencryptoki0 (>= 3.21.0),
> libssl3 (>= 3.0.10),

I kept the dependencies, as from previous comments we need them to ensure that the package will work. Forcing libssl3 to >= 3.0.10 should not be a problem anymore as we are using versions later than 3.0.8, but making the dependency explicit seems better as the older can fail without raising any compile time errors due to the dlopen.

If keeping these dependencies are also a problem, perhaps I may add a dep8 test to try to load the module ... if will ensure that *something* will fail if the ABI changes, but it also seems we'll be just reimplementing a thing that we can alredy do with an more standard approach.

opencryptoki0 is only required because the sample config calls it; but we can remove both is this becomes a problem.

> Files: debian/*
> Copyright: 2023 Canonical LTD
> License: Apache-2

Reverted the license back to GPL-3.

> override_dh_makeshlibs:
> # This is a plugin which is dlopen()ed, not linked against.

I'm pretty sure this one was causing a lintian false positive, so I kept it. Should I remove and add a lintian override instead ?

I also fixed some of @schopin 's suggestions form #10.

Anyway, any other comment or feedback is welcome!