[gnutls-devel] Debian bug #857436: libgnutls-openssl27: OpenSSL wrapper not exposing TLS 1.1/1.2 ciphers

Andreas Metzler ametzler at bebt.de
Thu Mar 16 15:39:36 CET 2017


On 2017-03-11 Andreas Metzler <ametzler at bebt.de> wrote:
[...]> 8X----------------------------------------------
> Certain packages that rely on this OpenSSL wrapper library are unable to
> connect using TLS 1.1/1.2 cipher suites.

> Even though the server (and the client, when compiled against OpenSSL)
> supports the full array of TLS 1.1/1.2 ciphers, the package as provided
> seems to be limited to only TLS 1.0 ciphers.

Actually this *seems* to be trivially fixable. 

/Seems/ because I assume there is/was a reason for using a custom
priority string. ;-)

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Use-NORMAL-priority-for-SSLv23_-_method.patch
Type: text/x-diff
Size: 1103 bytes
Desc: not available
URL: </pipermail/attachments/20170316/26cb56c6/attachment.patch>


More information about the Gnutls-devel mailing list