Gordon Messmer writes:
I tried to build 0.69 on CentOS 6 today and found that gnutls doesn't compile. Sam, can you put in an autoconf check for the minimum version required so that gnutls isn't selected when it won't work?I've usually been an advocate of GnuTLS over OpenSSL, but this changing API is a real PITA. Is it worth looking at an NSS option to replace both OpenSSL and GnuTLS? NSS is the LSB standard SSL library (since 4.0, released in Nov 2008), so it should be everywhere. Its license is GPL, so it doesn't conflict with Courier like OpenSSL does. As far as I know, it has a stable API and features for key file management and hardware acceleration. http://www.mozilla.org/projects/security/pki/nss/
I'm pretty sure that if both GnuTLS and OpenSSL get installed, OpenSSL gets selected. Only if GnuTLS is the only one present, does GnuTLS get the nod.
I have been meaning to make GnuTLS the default for some time. I prefer GnuTLS's API over OpenSSL's. It's much more sane. It does tend to develop backwards compatibility issues occasionally, but it's just so much better than OpenSSL, from a developer's standpoint, that the pain is definitely worth it. I'd rather avoid having to do a third API.
pgpYoqpNPx2Iy.pgp
Description: PGP signature
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
