Package: filezilla Version: 3.27.0~rc1-1 Severity: minor Tags: upstream User: [email protected] Usertags: deprecated-gnutls-3.6
Hello, src/engine/tlssocket_impl.cpp contains this code: #if FZ_USE_GNUTLS_SYSTEM_CIPHERS char const ciphers[] = "@SYSTEM"; #else char const ciphers[] = "SECURE256:+SECURE128:-ARCFOUR-128:-3DES-CBC:-MD5:+SIGN-ALL:-SIGN-RSA-MD5:+CTYPE-X509:-CTYPE-OPENPGP:-VERS-SSL3.0"; #endif ... res = gnutls_priority_set_direct(m_session, ciphers, 0); i.e. it explicitely disables gnutls support for openpgp certificates. GnuTLS stopped enabling OPENPGP certificates by default in 3.0.2 (Sept 2011). OpenPGP support in gnutls was marked deprecated in 3.5.9 and was removed in 3.6.0. (Noop stub functions are still shipped to avoid ABI breakage.) Therefore imho it makes sense to drop the pgp/gnutls code from filezilla. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure'
