Use NORMAL priority for SSLv23_*_method.

Instead of enforcing TLS1.0/SSL3.0 use gnutls NORMAL priority for SSLv23_*_methods. http://bugs.debian.org/857436
author: Andreas Metzler <ametzler@bebt.de> 2017-04-02 17:56:15 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-04-03 19:35:54 +0200
commit: 363056f7db6f61f818523888085638e85c6a81f7 (patch)
tree: a73acb2e5de7bdba5ca3e5edeca8430fd0292afb /extra
parent: eb31ab90e0b97d1b6c571dfcc6010f65574861d8 (diff)
download: gnutls-363056f7db6f61f818523888085638e85c6a81f7.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/extra/gnutls_openssl.c b/extra/gnutls_openssl.c
index 4ec0698706..0bc4c5a1b4 100644
--- a/extra/gnutls_openssl.c
+++ b/extra/gnutls_openssl.c
@@ -483,7 +483,7 @@ SSL_METHOD *SSLv23_client_method(void)
 		return NULL;
 
 	strcpy(m->priority_string,
-	       "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+	       "NORMAL");
 
 	m->connend = GNUTLS_CLIENT;
 
@@ -498,7 +498,7 @@ SSL_METHOD *SSLv23_server_method(void)
 		return NULL;
 
 	strcpy(m->priority_string,
-	       "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+	       "NORMAL");
 	m->connend = GNUTLS_SERVER;
 
 	return m;
author	Andreas Metzler <ametzler@bebt.de>	2017-04-02 17:56:15 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-04-03 19:35:54 +0200
commit	363056f7db6f61f818523888085638e85c6a81f7 (patch)
tree	a73acb2e5de7bdba5ca3e5edeca8430fd0292afb /extra
parent	eb31ab90e0b97d1b6c571dfcc6010f65574861d8 (diff)
download	gnutls-363056f7db6f61f818523888085638e85c6a81f7.tar.gz