Use NORMAL priority for SSLv23_*_method.

Instead of enforcing TLS1.0/SSL3.0 use gnutls NORMAL priority for SSLv23_*_methods. http://bugs.debian.org/857436
author: Andreas Metzler <ametzler@bebt.de> 2017-04-02 17:56:15 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-04-03 19:37:21 +0200
commit: 6494eb033439afb788e2da49401b6a8936bac43b (patch)
tree: 034ebf1cafe75667a7a2bec30c7eac3e18af0dfc
parent: 15b10cf3e1b0ddde20dc835e4f0056f49772c41f (diff)
download: gnutls-6494eb033439afb788e2da49401b6a8936bac43b.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/extra/gnutls_openssl.c b/extra/gnutls_openssl.c
index 4ec0698706..0bc4c5a1b4 100644
--- a/extra/gnutls_openssl.c
+++ b/extra/gnutls_openssl.c
@@ -483,7 +483,7 @@ SSL_METHOD *SSLv23_client_method(void)
 		return NULL;
 
 	strcpy(m->priority_string,
-	       "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+	       "NORMAL");
 
 	m->connend = GNUTLS_CLIENT;
 
@@ -498,7 +498,7 @@ SSL_METHOD *SSLv23_server_method(void)
 		return NULL;
 
 	strcpy(m->priority_string,
-	       "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+	       "NORMAL");
 	m->connend = GNUTLS_SERVER;
 
 	return m;
author	Andreas Metzler <ametzler@bebt.de>	2017-04-02 17:56:15 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-04-03 19:37:21 +0200
commit	6494eb033439afb788e2da49401b6a8936bac43b (patch)
tree	034ebf1cafe75667a7a2bec30c7eac3e18af0dfc
parent	15b10cf3e1b0ddde20dc835e4f0056f49772c41f (diff)
download	gnutls-6494eb033439afb788e2da49401b6a8936bac43b.tar.gz