s4 with older GNUTLS
Andrew Bartlett
abartlet at samba.org
Sun Aug 30 23:10:49 UTC 2015
On Sun, 2015-08-30 at 19:13 +0200, Matthias Dieter Wallnöfer wrote:
> I need the attached patch to make s4 work with an older GNUTLS
> library,
> which does not provide any gnutls_priority...() calls.
Sadly we need a way to turn off SSLv3, and without that call we are
unable to.
However, this patch made Garming and I realise that we had unused code
in lib/tls/tls.c and that the web server, which is largely unused but
still present, was still supporting SSLv3, against the WHATSNEW
announcement.
So we can consider the consequences, what systems use the older
library?
In the meantime, a patch to fix up the web server to turn of SSLv3 is
now in autobuild.
Thanks,
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list