The %COMPAT keyword no longer reduces security.

Introduced the LEGACY keyword which will enable the settings used in GnuTLS 3.2.x for NORMAL keyword. That is to be used in cases where compatibility with weak or misconfigured servers is required.
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-03-27 11:13:42 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-03-27 11:13:42 +0100
commit: 9217399323f44b7a0502a21e8d415dcd2adf7c16 (patch)
tree: 7993d3b7463e58dcec71a75d04bfedda070e1c59 /lib/gnutls_int.h
parent: ded4b70aac7ba1a9910d4dd9f57f875c0baa5722 (diff)
download: gnutls-9217399323f44b7a0502a21e8d415dcd2adf7c16.tar.gz
1 files changed, 1 insertions, 2 deletions
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 006f0635ea..3f0192b7b9 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -668,8 +668,7 @@ struct gnutls_priority_st {
 #define ENABLE_COMPAT(x) \
               (x)->allow_large_records = 1; \
               (x)->allow_wrong_pms = 1; \
-              (x)->dumbfw = 1; \
-              (x)->level = GNUTLS_SEC_PARAM_VERY_WEAK
+              (x)->dumbfw = 1
 
 /* DH and RSA parameters types.
  */
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-03-27 11:13:42 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-03-27 11:13:42 +0100
commit	9217399323f44b7a0502a21e8d415dcd2adf7c16 (patch)
tree	7993d3b7463e58dcec71a75d04bfedda070e1c59 /lib/gnutls_int.h
parent	ded4b70aac7ba1a9910d4dd9f57f875c0baa5722 (diff)
download	gnutls-9217399323f44b7a0502a21e8d415dcd2adf7c16.tar.gz