On 2015-04-18 Andreas Metzler <ametz...@bebt.de> wrote: > Package: libiksemel > Version: 1.4-2 > Severity: normal > User: ametz...@debian.org > Usertags: gnutls34
> Hello, > the package FTBFS against the recently released GnuTLS 3.4.0: [...] > ../src/.libs/libiksemel.so: undefined reference to `gnutls_mac_set_priority' > ../src/.libs/libiksemel.so: undefined reference to > `gnutls_protocol_set_priority' > ../src/.libs/libiksemel.so: undefined reference to `gnutls_kx_set_priority' > ../src/.libs/libiksemel.so: undefined reference to > `gnutls_cipher_set_priority' > ../src/.libs/libiksemel.so: undefined reference to > `gnutls_compression_set_priority' [...] The respective code seems to be this one: src/tls-gnutls.c const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; const int kx_priority[] = { GNUTLS_KX_RSA, 0 }; const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0}; const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 }; const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; [...] gnutls_protocol_set_priority (data->sess, protocol_priority); gnutls_cipher_set_priority(data->sess, cipher_priority); gnutls_compression_set_priority(data->sess, comp_priority); gnutls_kx_set_priority(data->sess, kx_priority); gnutls_mac_set_priority(data->sess, mac_priority); Is there a good reason for this selection? Enabling SSL3.0 and disabling TLS1.1 and TLS1.2, allowing MD5 as MAC but not SHA256. etc. If there is not a very good reason for just move to gnutls_set_default_priority(). cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org