2015-07-16 8:25 GMT+02:00 singh.janmejay <[email protected]>: > No problem, just asked. Don't have a usecase in mind.
Just let me add: if someone really doesn't like GnuTLS, he can write his own netstream driver (using the gtls driver as sample). I wouldn't object such a contribution, even welcome it. For reasons given by David, I would just treat it as "user contributed", aka "I do not officially support or maintain it". Rainer > > -- > Regards, > Janmejay > > PS: Please blame the typos in this mail on my phone's uncivilized soft > keyboard sporting it's not-so-smart-assist technology. > > On Jul 16, 2015 11:52 AM, "Rainer Gerhards" <[email protected]> > wrote: > >> 2015-07-16 8:21 GMT+02:00 singh.janmejay <[email protected]>: >> > Do we recommend using stunnel? >> >> no, because it increases message loss potential. What's the problem with >> GnuTLS? >> >> Rainer >> > >> > -- >> > Regards, >> > Janmejay >> > >> > PS: Please blame the typos in this mail on my phone's uncivilized soft >> > keyboard sporting it's not-so-smart-assist technology. >> > >> > On Jul 16, 2015 4:04 AM, "Saurabh Shukla" <[email protected]> >> wrote: >> > >> >> Hi David, >> >> >> >> Thanks for the detailed explanation. I understand the reasons behind not >> >> supporting other implementations. >> >> >> >> -- Saurabh >> >> >> >> On Wed, Jul 15, 2015 at 2:56 PM, David Lang <[email protected]> wrote: >> >> >> >> > To answer in more detail, the implementations have vastly different >> APIs, >> >> > so almost all software gets written for a particular encryption >> library, >> >> > not for multiple libraries. >> >> > >> >> > Due to the historic instability of the openssl API (not to mention >> their >> >> > security track record), rsyslog has been written to use the gnuTLS >> >> library >> >> > instead. >> >> > >> >> > I think it's even a bit more than 'patches welcome' as well. >> Maintaining >> >> > support for openssl is a significant amount of ongoing work. Someone >> >> > looking to add such support would need to convince Rainer that they >> would >> >> > be sticking around to support it going forward before such patches >> were >> >> > accepted. >> >> > >> >> > That said, it would be good to have support for multiple libraries, >> it's >> >> > just a lot of work. >> >> > >> >> > David Lang >> >> > >> >> > On Wed, 15 Jul 2015, Rainer Gerhards wrote: >> >> > >> >> > No. >> >> >> >> >> >> Sent from phone, thus brief. >> >> >> Am 15.07.2015 23:49 schrieb "Saurabh Shukla" < >> [email protected]>: >> >> >> >> >> >> Hi, >> >> >>> >> >> >>> Does rsyslog support TLS implementation from OpenSSL? If yes, how >> can I >> >> >>> configure rsyslog to use OpenSSL? >> >> >>> >> >> >> _______________________________________________ >> >> > rsyslog mailing list >> >> > http://lists.adiscon.net/mailman/listinfo/rsyslog >> >> > http://www.rsyslog.com/professional-services/ >> >> > What's up with rsyslog? Follow https://twitter.com/rgerhards >> >> > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a >> myriad >> >> > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you >> >> > DON'T LIKE THAT. >> >> > >> >> _______________________________________________ >> >> rsyslog mailing list >> >> http://lists.adiscon.net/mailman/listinfo/rsyslog >> >> http://www.rsyslog.com/professional-services/ >> >> What's up with rsyslog? Follow https://twitter.com/rgerhards >> >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad >> >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you >> >> DON'T LIKE THAT. >> >> >> > _______________________________________________ >> > rsyslog mailing list >> > http://lists.adiscon.net/mailman/listinfo/rsyslog >> > http://www.rsyslog.com/professional-services/ >> > What's up with rsyslog? Follow https://twitter.com/rgerhards >> > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you >> DON'T LIKE THAT. >> _______________________________________________ >> rsyslog mailing list >> http://lists.adiscon.net/mailman/listinfo/rsyslog >> http://www.rsyslog.com/professional-services/ >> What's up with rsyslog? Follow https://twitter.com/rgerhards >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you >> DON'T LIKE THAT. >> > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > LIKE THAT. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
