------- You are receiving this mail because: -------
You are on the CC list for the bug.
Summary: Uses (soon to be) deprecated GnuTLS functions
Version: 4.75 RC1
Building exim against GnuTLS 2.11.7 ("Consider that a release candidate for
2.12.0") yields the following warnings:
tls-gnu.c: In function 'verify_certificate':
tls-gnu.c:237:3: warning: 'gnutls_certificate_verify_peers' is deprecated
(declared at /usr/include/gnutls/compat.h:325)
In file included from tls.c:84:0:
tls-gnu.c: In function 'tls_session_init':
tls-gnu.c:775:1: warning: 'gnutls_cipher_set_priority' is deprecated (declared
tls-gnu.c:776:1: warning: 'gnutls_compression_set_priority' is deprecated
(declared at /usr/include/gnutls/compat.h:334)
tls-gnu.c:777:1: warning: 'gnutls_kx_set_priority' is deprecated (declared at
tls-gnu.c:778:1: warning: 'gnutls_protocol_set_priority' is deprecated
(declared at /usr/include/gnutls/compat.h:339)
tls-gnu.c:779:1: warning: 'gnutls_mac_set_priority' is deprecated (declared at
gnutls_certificate_verify_peers is superseded by
gnutls_certificate_verify_peers2 (available since 1.2, 2005-01-27). The fix
should not be too painful.
Replacing the *_set_priority stuff is going to be harder. They are exposed to
the user via gnutls_require_kx, gnutls_require_mac, gnutls_require_protocols
The successor functions to these are the gnutls_priority_* ones. (Added in
2.2.0 2007-12-14) They accept a combined priority string (e.g. "NORMAL" or
I guess on the exim side something like this needs to happen:
* Continue to accept the gnutls_require_* settings but ignore them.
* Either update or drop the GnuLS mapping in tls_require_ciphers.
* Add a gnutls_priority setting.
This is not very, very urgent but also not a item of a far set future. I
suspect the first stable GnuTLS release that drops these interfaces wlill take
at least 8 months (November 2011) to appear.