Do not explicitly disable SSLv3 if GnuTLS does it already.
Starting with GnuTLS 3.4.0, SSL 3.0 is no longer included in the default priorities list.
This commit is contained in:
Andrej Kacian
parent
f4e859902a
commit
b88c772b96
1 changed files with 2 additions and 0 deletions
|
|
@ -330,9 +330,11 @@ gboolean ssl_init_socket(SockInfo *sockinfo)
|
|||
debug_print("Setting GnuTLS priority to %s, status = %d\n",
|
||||
sockinfo->gnutls_priority, r);
|
||||
}
|
||||
#ifdef GNUTLS_VERSION_NUMBER < 0x030400
|
||||
else {
|
||||
gnutls_priority_set_direct(session, "NORMAL:-VERS-SSL3.0", NULL);
|
||||
}
|
||||
#endif
|
||||
gnutls_record_disable_padding(session);
|
||||
|
||||
gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
|
||||
|
|
|
|||
Loading…
Reference in a new issue