diff options
author | Dan Winship <danw@gnome.org> | 2009-06-03 20:13:38 -0400 |
---|---|---|
committer | Dan Winship <danw@gnome.org> | 2009-06-03 20:13:38 -0400 |
commit | 777af4c8ec7b73d3c2376091401c00cb945cd6fc (patch) | |
tree | 79beda8ee43bbf9d08a0741f7bfa220a3ef4ff32 | |
parent | 3dcdf7f79c319a3f392ffef3f26cde025e3a88f3 (diff) | |
download | libsoup-777af4c8ec7b73d3c2376091401c00cb945cd6fc.tar.gz |
More temporary SSL tweaking
Disable TLS 1.0 too, since some sites don't even support that (I'm
looking at you, PayPal). Eventually we'll want to make this be more
clever, and have it first try TLS 1.1 with extensions, and then fall
back to SSL 3.0 if the server gets confused by the new stuff. But that
will take some rewriting.
-rw-r--r-- | libsoup/soup-gnutls.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libsoup/soup-gnutls.c b/libsoup/soup-gnutls.c index 90acb5b9..46b4188e 100644 --- a/libsoup/soup-gnutls.c +++ b/libsoup/soup-gnutls.c @@ -447,7 +447,7 @@ soup_ssl_wrap_iochannel (GIOChannel *sock, gboolean non_blocking, goto THROW_CREATE_ERROR; /* See http://bugzilla.gnome.org/show_bug.cgi?id=581342 */ - if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.1", NULL) != 0) + if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.1:!VERS-TLS1.0", NULL) != 0) goto THROW_CREATE_ERROR; if (gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, |