Re: [Exim] Who is using GnuTLS?

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Andreas Metzler
Datum:  
To: exim-users
Betreff: Re: [Exim] Who is using GnuTLS?
On 2004-02-26 Philip Hazel <ph10@???> wrote:
> I have just started to look at the patch to GnuTLS to add CRL
> functionality. It seems that it requires GnuTLS 1.0.x, which is now the
> stable release. This release has some incompatibilities with the
> previous 0.8.x stable releases.

[...]

Exim4 compiles fine with
- --------------
- --- exim/src/tls-gnu.c.orig     Mon May 19 14:17:07 2003
+++ exim/src/tls-gnu.c  Mon Feb 23 17:33:34 2004
@@ -204,7 +204,8 @@


 if ((verify & GNUTLS_CERT_NOT_TRUSTED) != 0 ||
     (verify & GNUTLS_CERT_INVALID) != 0 ||
- -    (verify & GNUTLS_CERT_CORRUPTED) != 0 ||
+/* missing in gnutls10 and a noop anyway
+    (verify & GNUTLS_CERT_CORRUPTED) != 0 ||*/
     (verify & GNUTLS_CERT_REVOKED) != 0)
[...]
- --------------
using the gnutls8-compatibility mode
(/usr/include/gnutls/compat8.h).


> Question: How many people are using 0.8.x and will be dismayed if the
> next release of Exim supports only GnuTLS 1.0.x?


> In other words, how much is my time worth trying to maintain
> compatibility? I *suspect* that there are only a few GnuTLS users at
> present, as GnuTLS is relatively new. I don't want to waste time (this
> is unexpected work as it is) for a GnuTLS release that is becoming
> obsolete.


We at Debian use GnuTLS, but because I have switched exim4 to use
GnuTLS 1.0.x three days ago on monday I don't care for 0.8.x
compatibilty. - Feel free to drop it.

I think most other vendors are using OpenSSL instead of GnuTLS anyway.
            cu andreas


--
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"