This priority string will only enable SSL 3.0 and TLS 1.0 as protocols and will disable, via the %COMPAT keyword, several TLS protocol options that are known to cause compatibility problems.
Reference: http://www.gnu.org/software/gnutls/manual/html_node/Interoperability.html#Interoperability --- gweb/giognutls.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/gweb/giognutls.c b/gweb/giognutls.c index 887109a..db061b1 100644 --- a/gweb/giognutls.c +++ b/gweb/giognutls.c @@ -449,7 +449,8 @@ GIOChannel *g_io_channel_gnutls_new(int fd) #endif gnutls_priority_set_direct(gnutls_channel->session, - "NORMAL:!VERS-TLS1.1:!VERS-TLS1.0", NULL); + "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:%COMPAT", + NULL); gnutls_certificate_allocate_credentials(&gnutls_channel->cred); gnutls_credentials_set(gnutls_channel->session, -- 1.7.6 _______________________________________________ connman mailing list [email protected] http://lists.connman.net/listinfo/connman
