FS#49845 - [elinks] build with gnutls instead of openssl

Attached to Project: Community Packages
Opened by Alif (alive4ever) - Saturday, 25 June 2016, 18:07 GMT
Last edited by Eli Schwartz (eschwartz) - Monday, 22 January 2018, 17:02 GMT
Task Type Feature Request
Category Packages
Status Closed
Assigned To Kyle Keen (keenerd)
Architecture All
Severity Very Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
Default openssl built elinks is still supporting RC4 ciphers, despite of IANA warning on RFC7465
https://tools.ietf.org/html/rfc7465

Gnutls is an alternative TLS provider, probably safer because it doesn's support rc4 by default. Gnutls
also supports additional modern ciphersuite, such as ECDHE-RSA-CHACHA20-POLY1305 (0xcca8) and
ECDHE-ECDSA-CHACHA20-POLY1305 (0xcca9)

Additional info:
* elinks 0.13-16


Steps to reproduce:
1. Install elinks from community repository.
2. Open elinks and navigate to 'https://www.ssllabs.com/ssltest/viewMyClient.html'
3. Notice that some rc4 ciphers are still provided in the TLS handshake.
This task depends upon

Closed by  Eli Schwartz (eschwartz)
Monday, 22 January 2018, 17:02 GMT
Reason for closing:  Fixed
Additional comments about closing:  current versions of elinks do not list rc4 as supported, since ssl3 is no longer enabled in openssl

Loading...