diff options
author | Jun-ya Kato <kato@win6.jp> | 2021-06-07 00:52:14 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-06-08 16:10:39 +0200 |
commit | a3a298da5ee5bdc2199a819aa2a20df9b4d6268e (patch) | |
tree | 23f7918a1fb4c1e50c149b14df6e8a6d5ecdd505 /lib/vquic/ngtcp2.c | |
parent | 3ac9b80525d87004057bb7846cb0f3c6b3633bd7 (diff) | |
download | curl-a3a298da5ee5bdc2199a819aa2a20df9b4d6268e.tar.gz |
ngtcp2: disable TLSv1.3 compatible mode when using GnuTLS
The latest GnuTLS-3.7.2 implements disable switch for TLSv1.3 compatible
mode for middle box but it is enabled by default, which is unnecessary
for QUIC.
Fixes #6896
Closes #7202
Diffstat (limited to 'lib/vquic/ngtcp2.c')
-rw-r--r-- | lib/vquic/ngtcp2.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c index 7f076759b..d1cd63dfb 100644 --- a/lib/vquic/ngtcp2.c +++ b/lib/vquic/ngtcp2.c @@ -86,7 +86,8 @@ struct h3out { #define QUIC_PRIORITY \ "NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM:+AES-256-GCM:" \ "+CHACHA20-POLY1305:+AES-128-CCM:-GROUP-ALL:+GROUP-SECP256R1:" \ - "+GROUP-X25519:+GROUP-SECP384R1:+GROUP-SECP521R1" + "+GROUP-X25519:+GROUP-SECP384R1:+GROUP-SECP521R1:" \ + "%DISABLE_TLS13_COMPAT_MODE" #endif static CURLcode ng_process_ingress(struct Curl_easy *data, |