[exim-dev] GnuTLS status

Top Page

Reply to this message
Author: Phil Pennock
Date:  
To: exim-dev
Subject: [exim-dev] GnuTLS status
The GnuTLS revamp is 3/4+ done, I need sleep now though.

I've fixed a number of bugs, unhandled error cases, etc. The SNI
support is ~there.

I'm removing support for gnutls_require_kx, gnutls_require_mac and
gnutls_require_protocols, plus I'm turning tls_require_ciphers in the
GnuTLS case from an Exim list into a GnuTLS priority string.

This lets us get rid of a lot of hardcoding of available algorithm
names, and instead lets folks specify things in the same way they can in
~every other GnuTLS application. Test suite test 2011 removed.

For this release, those removed options will be parsed and silently
ignored.

Relevant documentation updated accordingly.

Current plan: sleep, gym, finish revamp, test a lot, push, cut RC1.

-Phil