gweb: Use GnuTLS priority string to provide wide compatibility

This priority string will only enable SSL 3.0 and TLS 1.0 as protocols and will disable, via the %COMPAT keyword, several TLS protocol options that are known to cause compatibility problems. Reference: http://www.gnu.org/software/gnutls/manual/html_node/Interoperability.html#Interoperability
author: Lucas De Marchi <lucas.demarchi@profusion.mobi> 2011-07-01 20:50:54 -0300
committer: Marcel Holtmann <marcel@holtmann.org> 2011-07-01 20:04:37 -0700
commit: c53b8dc36b7aa240343b507cfc6ff5194ff9f2eb (patch)
tree: 22f83710c13a324e05f612fc5f8cb1b365a574ca /gweb
parent: 2383e638e96608671abbc51b94a9a32cf87e1a1e (diff)
download: connman-c53b8dc36b7aa240343b507cfc6ff5194ff9f2eb.tar.gz
connman-c53b8dc36b7aa240343b507cfc6ff5194ff9f2eb.tar.bz2
connman-c53b8dc36b7aa240343b507cfc6ff5194ff9f2eb.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/gweb/giognutls.c b/gweb/giognutls.c
index 887109a2..db061b1f 100644
--- a/gweb/giognutls.c
+++ b/gweb/giognutls.c
@@ -449,7 +449,8 @@ GIOChannel *g_io_channel_gnutls_new(int fd)
 #endif
 
 	gnutls_priority_set_direct(gnutls_channel->session,
-				"NORMAL:!VERS-TLS1.1:!VERS-TLS1.0", NULL);
+		"NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:%COMPAT",
+		NULL);
 
 	gnutls_certificate_allocate_credentials(&gnutls_channel->cred);
 	gnutls_credentials_set(gnutls_channel->session,
author	Lucas De Marchi <lucas.demarchi@profusion.mobi>	2011-07-01 20:50:54 -0300
committer	Marcel Holtmann <marcel@holtmann.org>	2011-07-01 20:04:37 -0700
commit	c53b8dc36b7aa240343b507cfc6ff5194ff9f2eb (patch)
tree	22f83710c13a324e05f612fc5f8cb1b365a574ca /gweb
parent	2383e638e96608671abbc51b94a9a32cf87e1a1e (diff)
download	connman-c53b8dc36b7aa240343b507cfc6ff5194ff9f2eb.tar.gz connman-c53b8dc36b7aa240343b507cfc6ff5194ff9f2eb.tar.bz2 connman-c53b8dc36b7aa240343b507cfc6ff5194ff9f2eb.zip