GnuTLS priority strings

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GnuTLS priority strings

From:	Martin Lambers
Subject:	GnuTLS priority strings
Date:	Mon, 25 Apr 2011 20:57:28 +0200
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.14) Gecko/20110223 Thunderbird/3.1.8

Hi all,

I have some trouble with priority strings since
gnutls_protocol_set_priority() is deprecated:

Both msmtp and mpop can pass user-specified priority strings to GnuTLS,
and both also provide the independent option to force SSLv3.

Up until now, I could specifiy the priority string with
gnutls_priority_set_direct() and subsequently use
gnutls_protocol_set_priority() to force SSLv3, and this worked as expected.

To avoid using a deprecated function, I now need to force SSLv3 by
extending a given priority string.

I tried to append ":-VERS-TLS-ALL:+VERS-SSL3.0" (e.g.
"NORMAL:-VERS-TLS-ALL:+VERS-SSL3.0"), but this does not work: it still
results in other TLS versions being enabled. Apparently later entries do
not override previous entries. So how should this be done instead?

Regards,
Martin

[Prev in Thread]

Current Thread

[Next in Thread]

GnuTLS priority strings, Martin Lambers <=
- Re: GnuTLS priority strings, Nikos Mavrogiannopoulos, 2011/04/25
  - Re: GnuTLS priority strings, Martin Lambers, 2011/04/25
    - Re: GnuTLS priority strings, Nikos Mavrogiannopoulos, 2011/04/26
    - Re: GnuTLS priority strings, Martin Lambers, 2011/04/26

Prev by Date: Re: Optimize GNUTLS for performance
Next by Date: Re: GnuTLS priority strings
Previous by thread: Optimize GNUTLS for performance
Next by thread: Re: GnuTLS priority strings
Index(es):
- Date
- Thread