I took
http://savannah.nongnu.org/download/mailnotify/mail-notification-5.4.tar.bz2
(most recent) and add gnutls (2.0.4 as installed in hardy) support.
It works for me but I'm pretty sure that there are still some bugs around I
somehow missed, so better somebody else looks over it before applying it.
I basically added a new option "gnutls" parallel to "ssl" (=> openssl), where
gnutls suppresses ssl in auto configuration.
Next, I replaced all #if WITH_SSL (and similar) definitions with #if WITH_SSL
|| WITH_GNUTLS. (These changes also applied to the code generated from gob, as
I don't have gob2 2.1.16) .
Further, jbsrc/lib/src/extra/jb-gnutls.{c,h} and src/mn-gnutls.{c,h} got added,
the latter contains some useful functions for cert verification and the default
cert path.
In src/mn-client-session.{c,h} I seperated WITH_SSL and WITH_GNUTLS and rewrote
the code for gnutls.
There are three major points about it:
* gnutls 2.0.4 does not have all functions given in online api of gnutls nor
do the examples work
(gnutls-doc-2.0.4 is somehow incomplete regarding api listing).
* cert chain verification needs to be cared for by mail-notification, e.g.
reading ca certs from /etc/ssl/certs etc.
I decided not to use gnutls_certificate_verify_peers2 due to
http://blog.josefsson.org/2008/02/27/real-world-performance-tuning-with-callgrind/
,
which was really slow on my machine. Perhaps this could be changed some day.
* check_hostname is not used as I didn't figure out how to extract the
common_name and altName(s)
correctly but use gnutls_x509_crt_check_hostname. I don't know if
gnutls_x509_crt_check_hostname supports wildcards.
** Attachment added: "Add gnutls support to mail notification 5.4"
http://launchpadlibrarian.net/14691704/mail-notification-add-gnutls.diff
--
IMAP/POP3+SSL/TLS are disabled
https://bugs.launchpad.net/bugs/44335
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
