| Summary: | ASTERISK-25543: replace openssl with GnuTLS | ||
| Reporter: | Max (god) | Labels: | |
| Date Opened: | 2015-11-11 05:42:33.000-0600 | Date Closed: | 2015-11-11 09:35:56.000-0600 |
| Priority: | Major | Regression? | |
| Status: | Closed/Complete | Components: | |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ||
| Description: | OpenSSL does not only have BSD license contrary to this project, it's also well known for huge amount of deadly security vulnerabilities, even before heartbleed.
It would be nice if I could avoid bringing in such a library just because of Asterisk - having support for GnuTLS will let the user to make such a choice. Using http://www.gnutls.org/manual/html_node/Compatibility-with-the-OpenSSL-library.html will aid with the transition. | ||
| Comments: | By: Asterisk Team (asteriskteam) 2015-11-11 05:42:34.596-0600 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. By: Rusty Newton (rnewton) 2015-11-11 09:35:45.422-0600 Features requests without patches are not accepted through the issue tracker. Features requests are openly discussed on the mailing lists, forums, and IRC [1]. Please see the Asterisk Issue Guidelines [2] for more information on feature request and patch submission. [1] http://asterisk.org/community/discuss [2] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines | ||