FS#49845 - [elinks] build with gnutls instead of openssl
Attached to Project:
Community Packages
Opened by Alif (alive4ever) - Saturday, 25 June 2016, 18:07 GMT
Last edited by Eli Schwartz (eschwartz) - Monday, 22 January 2018, 17:02 GMT
Opened by Alif (alive4ever) - Saturday, 25 June 2016, 18:07 GMT
Last edited by Eli Schwartz (eschwartz) - Monday, 22 January 2018, 17:02 GMT
|
Details
Description:
Default openssl built elinks is still supporting RC4 ciphers, despite of IANA warning on RFC7465 https://tools.ietf.org/html/rfc7465 Gnutls is an alternative TLS provider, probably safer because it doesn's support rc4 by default. Gnutls also supports additional modern ciphersuite, such as ECDHE-RSA-CHACHA20-POLY1305 (0xcca8) and ECDHE-ECDSA-CHACHA20-POLY1305 (0xcca9) Additional info: * elinks 0.13-16 Steps to reproduce: 1. Install elinks from community repository. 2. Open elinks and navigate to 'https://www.ssllabs.com/ssltest/viewMyClient.html' 3. Notice that some rc4 ciphers are still provided in the TLS handshake. |
This task depends upon
Closed by Eli Schwartz (eschwartz)
Monday, 22 January 2018, 17:02 GMT
Reason for closing: Fixed
Additional comments about closing: current versions of elinks do not list rc4 as supported, since ssl3 is no longer enabled in openssl
Monday, 22 January 2018, 17:02 GMT
Reason for closing: Fixed
Additional comments about closing: current versions of elinks do not list rc4 as supported, since ssl3 is no longer enabled in openssl