Package: ekg2
Version: 1:0.4~pre+20120506.1-13
Severity: minor
Tags: upstream
User: ametz...@bebt.de
Usertags: deprecated-gnutls-3.6
Hello,
ekg2 contains this code ...
upstream:
/* XXX here. old tls code do: j->parser = NULL. check if needed
*/
#ifdef HAVE_LIBGNUTLS
/* Allow connections to servers that have OpenPGP keys as well.
*/
const int cert_type_priority[3] = {GNUTLS_CRT_X509,
GNUTLS_CRT_OPENPGP, 0};
const int comp_type_priority[3] = {GNUTLS_COMP_ZLIB,
GNUTLS_COMP_NULL, 0};
#endif
[...]
gnutls_set_default_priority(j->ssl_session);
gnutls_certificate_type_set_priority(j->ssl_session,
cert_type_priority);
as patched by Debian:
gnutls_priority_set_direct(j->ssl_session, "NORMAL:+CTYPE-OPENPGP", NULL);
i.e. it explicitely enables gnutls support for openpgp certificates.
GnuTLS stopped enabling OPENPGP certificates by default in 3.0.2 (Sept
2011). OpenPGP support in gnutls was marked deprecated in 3.5.9 and was
removed in 3.6.0. (Noop stub functions are still shipped to avoid ABI
breakage.)
Therefore imho it makes sense to drop the pgp/gnutls code from ekg2.
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
