s4 with older GNUTLS

Matthias Dieter Wallnöfer mdw at samba.org
Tue Sep 1 18:04:46 UTC 2015

Hi Andrew,

it is CentOS 5 which uses this older GNUTLS release (1.4.1).

Well I do not complain if we are not supporting it any longer but then
we should change our WAF checks to exclude it.


Andrew Bartlett schrieb:
> On Sun, 2015-08-30 at 19:13 +0200, Matthias Dieter Wallnöfer wrote:
>> I need the attached patch to make s4 work with an older GNUTLS 
>> library,
>> which does not provide any gnutls_priority...() calls.
> Sadly we need a way to turn off SSLv3, and without that call we are
> unable to.
> However, this patch made Garming and I realise that we had unused code
> in lib/tls/tls.c and that the web server, which is largely unused but
> still present, was still supporting SSLv3, against the WHATSNEW
> announcement.
> So we can consider the consequences, what systems use the older
> library?
> In the meantime, a patch to fix up the web server to turn of SSLv3 is
> now in autobuild.
> Thanks,
> Andrew Bartlett

More information about the samba-technical mailing list