There is a Debian patch (debian/patches/01-374327-use-gnutls.patch) that changed ssmtp to link with GnuTLS OpenSSL compat layer. If I drop this patch and link with "-lssl -lcrypto", ssmtp has no problem using TLSv1.2 and AES GCM:
$ tshark -ta -Vr submission-openssl.pcap | sed -n '/^Frame 11:/,/^Frame 12:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.2 (0x0303) Cipher Suites Length: 170 Cipher Suites (85 suites) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ... Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ... Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
There is a Debian patch (debian/ patches/ 01-374327- use-gnutls. patch) that changed ssmtp to link with GnuTLS OpenSSL compat layer. If I drop this patch and link with "-lssl -lcrypto", ssmtp has no problem using TLSv1.2 and AES GCM:
$ tshark -ta -Vr submission- openssl. pcap | sed -n '/^Frame 11:/,/^Frame 12:/ p' | grep -E '^[[:space: ]]+(Version| Cipher| Handshake Protocol)'
Version: TLS 1.2 (0x0303)
Cipher Suite: TLS_ECDHE_ RSA_WITH_ AES_256_ GCM_SHA384 (0xc030)
Cipher Suite: TLS_ECDHE_ RSA_WITH_ AES_128_ GCM_SHA256 (0xc02f)
Cipher Suite: TLS_EMPTY_ RENEGOTIATION_ INFO_SCSV (0x00ff)
Version: TLS 1.0 (0x0301)
Handshake Protocol: Client Hello
Cipher Suites Length: 170
Cipher Suites (85 suites)
...
...