[libsoup/gnome-2-26] More temporary SSL tweaking
- From: Dan Winship <danw src gnome org>
- To: svn-commits-list gnome org
- Subject: [libsoup/gnome-2-26] More temporary SSL tweaking
- Date: Mon, 29 Jun 2009 22:47:36 +0000 (UTC)
commit bc74c838f5ddfb8de0636ea06c80a680ce8760c0
Author: Dan Winship <danw gnome org>
Date: Wed Jun 3 20:13:38 2009 -0400
More temporary SSL tweaking
Disable TLS 1.0 too, since some sites don't even support that (I'm
looking at you, PayPal). Eventually we'll want to make this be more
clever, and have it first try TLS 1.1 with extensions, and then fall
back to SSL 3.0 if the server gets confused by the new stuff. But that
will take some rewriting.
libsoup/soup-gnutls.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/libsoup/soup-gnutls.c b/libsoup/soup-gnutls.c
index 90acb5b..46b4188 100644
--- a/libsoup/soup-gnutls.c
+++ b/libsoup/soup-gnutls.c
@@ -447,7 +447,7 @@ soup_ssl_wrap_iochannel (GIOChannel *sock, gboolean non_blocking,
goto THROW_CREATE_ERROR;
/* See http://bugzilla.gnome.org/show_bug.cgi?id=581342 */
- if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.1", NULL) != 0)
+ if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.1:!VERS-TLS1.0", NULL) != 0)
goto THROW_CREATE_ERROR;
if (gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE,
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]