On Tue, Jul 31, 2007 at 06:46:35AM -0500, David Favor wrote:
Jasper Bryant-Greene wrote:
Dovecot won't build against recent versions of GnuTLS. The problem starts
on line 34 of src/master/ssl-init-gnutls.c, where Dovecot generates DH
params using gnutls_dh_params_generate(), a function which no longer
exists [replaced with gnutls_dh_params_generate2()].
I'd fix it myself, but the signature of the function has changed to take
gnutls_dh_params_t rather than prime & generator, and I'm not keen on
hacking SSL code unless I really understand what's going on. It looks like
the code goes on to save & free those values.
I'm tracking HG and am happy to test any changes. Appreciate it if someone
with more knowledge of GnuTLS and perhaps this code in particular could
take a look.
Dovecot used to support both GNUTLS and OpenSSL libraries, but nowadays
only the OpenSSL code is working.
Does anyone know how much effort would be involved in making Dovecot
work with GNUTLS again? I need to deploy in an environment where using
OpenSSL is not possible.
If I can get an indication of how close to a working state the existing
code is, I might be keen to sort it out myself.
J