s4 with older GNUTLS
Matthias Dieter Wallnöfer
mdw at samba.org
Tue Sep 1 18:04:46 UTC 2015
Hi Andrew,
it is CentOS 5 which uses this older GNUTLS release (1.4.1).
Well I do not complain if we are not supporting it any longer but then
we should change our WAF checks to exclude it.
Matthias
Andrew Bartlett schrieb:
> On Sun, 2015-08-30 at 19:13 +0200, Matthias Dieter Wallnöfer wrote:
>> I need the attached patch to make s4 work with an older GNUTLS
>> library,
>> which does not provide any gnutls_priority...() calls.
> Sadly we need a way to turn off SSLv3, and without that call we are
> unable to.
>
> However, this patch made Garming and I realise that we had unused code
> in lib/tls/tls.c and that the web server, which is largely unused but
> still present, was still supporting SSLv3, against the WHATSNEW
> announcement.
>
> So we can consider the consequences, what systems use the older
> library?
>
> In the meantime, a patch to fix up the web server to turn of SSLv3 is
> now in autobuild.
>
> Thanks,
>
> Andrew Bartlett
>
More information about the samba-technical
mailing list