Michael Meyer <[email protected]> writes: > *** Simon Josefsson <[email protected]> wrote: >> Nikos Mavrogiannopoulos <[email protected]> writes: >> > Michael Meyer wrote: > >> >>>> http://pastebin.com/f56a825f6 >> >>> gnutls-cli --disable-extensions -p 5556 GFDGFDGSFD -d 4711 -V --priority >> >>> "NORMAL:%COMPAT:-VERS-TLS1.1:-CTYPE-OPENPGP" >> > >> > He needs to add +ARCFOUR-40 and +RSA-EXPORT as well. They are not >> > enabled by default. > > I've tried with +ARCFOUR-40 but never with +RSA-EXPORT. > >> Michael can you try that? Also try %SSL3_RECORD_VERSION. > > gnutls-cli -p 5556 GFDGFDGSFD --priority > "NORMAL:%COMPAT:-VERS-TLS1.1:+ARCFOUR-40:+RSA-EXPORT" > > That's it. It works. http://pastebin.com/m357f13b2
Do you need all of them? Try removing each of them until it breaks, and until you have tried removing all items. > Any hints how to make this work also with C-code? :) One of our > C-Developers ask me that. We are looking for the best way to > *always* get a connection in C? Even if there is something > "strange" on the remote side. Call something like this: rc = gnutls_priority_set_direct (session, "NORMAL:%COMPAT....", NULL); http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html#gnutls-priority-set-direct http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html#gnutls-priority-init /Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
