Hi,

by default, upstream compiles in GNUTLS _and_ NSS. NSS is at least
needed for the option nowadays called "old SSL", and GNUTLS doesn't
support SSL < v3. So I'm not sure if the current "consistent SSL library
choice" as documented in our changelog is the right approach.

Adding libnss-dev to build dependencies and removing --disable-nss fixes
the problem for Debian (and instead adding --disable-gnutls completely
exchanges gnutls by libnss, but I didn't do many further checks besides
compiling and a bit of network sniffing).

However, silently ignoring "failed" SSL is still an upstream security
issue.

Thanks for considering.

bye,
  Roland