Martin von Gagern wrote: > Nikos Mavrogiannopoulos wrote: >> The commit below adds a priority string called SSL3_RECORD_VERSION >> that forces a compatibility mode where an SSL 3.0 record version is set >> on the client hello. I have backported it to 2.6 branch as well. > > Thanks a lot! I'll test that, and get back to you if anything doesn't > work as expected. Otherwise that seems like a suitable solution.
The implementation itself seems to work well enough, thanks for that! You might want to check the generated documentation, though. Looking at the man page of gnutls_priority_init(3), it looks like gdoc was eating the percent signs, while nroff eats lines starting with an apostrophe. It would also be nice to have a test in gnutls-cli-debug, to see whether a connection can be established with SSL3 record version but TLS1.1 client hello version, and if so, what version was actually negotiated. Greetings, Martin
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
