[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: slrn SSL with gnutls



Andrew McDonald wrote:
> I've just written the start of a small shim layer between OpenSSL
> function calls and GNUTLS, allowing an application written to use
> OpenSSL to use GNUTLS instead.

This is excellent news. I'm ccing Debian as a whole, since there is
bound to be interest.

Who is gonna package this, guys?

> The files can be found at:
> <http://www.mcdonald.org.uk/andrew/gnutls/>
> (and are also attached to this e-mail)
> 
> At the moment it only implements the functions used by slrn, and the
> handling of errors from the SSL layer isn't fully implemented, but it
> works for me. (NB: requires gnutls 0.4.3 which isn't in Debian unstable
> yet).
> 
> To build slrn:
> - modify src/sltcp.c to #include gnutls-openssl.h and gnutls-openssl.c
> instead of the openssl includes
> - link against gnutls libraries rather than openssl
> 
> (Note, you can't connect to secnews.netscape.com since they only
> support export ciphersuites, which are not implemented in gnutls).

I'm not sure how big a deal this is, but this still sounds terriffic and
I'm looking forward to being able to make a SSL enabled slrn available
to debian.

> NOTE: The slrn SSL support doesn't seem to do any certificate checks,
> which means you don't know (with cryptographic certainty) who you are
> connecting to, so there could be a man-in-the-middle.

-- 
see shy jo


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org



Reply to: