[gnutls-devel] Debian bug #857436: libgnutls-openssl27: OpenSSL wrapper not exposing TLS 1.1/1.2 ciphers

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Mar 12 07:01:24 CET 2017


On Sat, 2017-03-11 at 15:34 +0100, Andreas Metzler wrote:
> Hello,
> 
> this is copy of http://bugs.debian.org/857436 by Justin Coffman
> reported
> against 3.5.10:
[...]
> I do not know  but I suspect that the OpenSSL API has changed quite a
> bit in recent years and being a a good OpenSSL customer requires
> using
> these new APIs. e.g. from the Exim 4.89 announcement: "Please note
> that
> we are seeing OpenSSL issues which require 1.0.2 minimum ...".
> 
> OTOH the GnuTLS openssl wrapper does not seem to be seeing active
> development.
> 
> Therefore I suspect the usefulness of the GnuTLS openssl wrapper to
> be decreasing, since only programs with outdated OpenSSL code work.
> Am I guessing correctly?

I guess so. Furthermore I have no plans updating this wrapper. If it
proves no useful to existing programs, and there is no "owner" of it, I
think it would make more sense to schedule dropping it from gnutls.

regards,
Nikos




More information about the Gnutls-devel mailing list