Hi folks, The STARTTLS implementation in nbd-server is almost ready. Still TODO: - Interoperability testing against qemu (yes, yes, I said I'd do that earlier, but hey) - Client certificate validation - Enforcing TLS1.2 by default - Allowing versions of GnuTLS older than 3.3 Other than that, I think we're good. Alex: I pulled the nbd-client and nbd-tester-client implementation from your 'add-tls-support' branch, and it seems to work well; at the very least, the current implementation passes the test suite. Man page updates have been written too. I've had to make a few small changes to make it work on current git HEAD, but most of it is pretty much unchanged from your code. In total, there's 80 commits since 3.14 up to current master, a number of new features (multiple connections, STARTTLS, splice), and a few bug fixes. I think it's time to release. -- < ron> I mean, the main *practical* problem with C++, is there's like a dozen people in the world who think they really understand all of its rules, and pretty much all of them are just lying to themselves too. -- #debian-devel, OFTC, 2016-02-12
Attachment:
signature.asc
Description: PGP signature