Pardon if that was asked before, but are there port of stunnel to GnuTLS available somewhere? With recent fallout from heartbleed I'm looking into getting rid of openssl (besides I've never liked the license anyway :) and stunnel is one of the very few programs which got dependency on it.
cheers, Max.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Max wrote:
Pardon if that was asked before, but are there port of stunnel to GnuTLS available somewhere? With recent fallout from heartbleed I'm looking into getting rid of openssl (besides I've never liked the license anyway :) and stunnel is one of the very few programs which got dependency on it.
I'm not aware of such port. I don't think the code quality of GnuTLS is really significantly higher than the code quality of OpenSSL. http://www.gnutls.org/security.html For example the recent CVE-2014-3466 seems as critical as heartbleed...
OpenSSL suffers from their previous policy of never removing (and scarcely ever refactoring) any implemented code. I hope this policy will change with the significant financial support they recently received.
Mike
-
Max -
Michal Trojnara