Christian Biere wrote: > Raphael Manfredi wrote: > > Quoting [EMAIL PROTECTED] from ml.softs.gtk-gnutella.devel: > > :OpenSSL is licensed under a BSD-style license which includes the > > :ackowledgement clause. It's incompatible with GPL.
> Anyhow, if you want to use GNU TLS, get someone to write the code.
OK, attached is the same thing in green. I've also renamed the property
ssl_enforce to tls_enforce. GNU TLS seems be a little easier to use
than OpenSSL and it needs no hacks for non-blocking I/O either. There's
still the "Too large message" problem though which occurs randomly
very shortly after the handshake.
You can also use
openssl s_client -cipher ADH -connect localhost:<port>
to test the feature. For example, you can use this to get a encrypted
remote shell. Again, for simplicity I've used anonymous mode so it's
not safe against MITM attacks. "Anonymous" means that neither server
nor client authenticate themselves. It doesn't hide your identity,
that's not what "anonymous" refers to here.
Configure with
-Dccflags="-DUSE_TLS `libgnutls-config --cflags`" \
-Dldflags="`libgnutls-config --libs`"
--
Christian
gtkg-tls.udif.bz2
Description: Binary data
pgpFabbwL3R1B.pgp
Description: PGP signature
