[glib-networking] Reenable TLS 1.0/1.1 due to COVID-19



commit 9e9715da9f83dbfe987ef3d3c3247dde83672bce
Author: Michael Catanzaro <mcatanzaro gnome org>
Date:   Fri Apr 3 15:09:10 2020 -0500

    Reenable TLS 1.0/1.1 due to COVID-19
    
    Safari wound up downgrading its security indicator instead of blocking
    the content. Firefox and Chrome have backed off because some government
    website with COVID-19 info was still using TLS 1.0. Incredibly stupid
    way to back away from deprecating these protocols, but glib-networking
    is not going to be first here.

 tls/gnutls/gtlsconnection-gnutls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
---
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index 99a22b6..6a3edf6 100644
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -1052,7 +1052,7 @@ initialize_gnutls_priority (void)
       return;
     }
 
-  ret = gnutls_priority_init2 (&priority, "%COMPAT:-VERS-TLS1.1:-VERS-TLS1.0", &error_pos, 
GNUTLS_PRIORITY_INIT_DEF_APPEND);
+  ret = gnutls_priority_init2 (&priority, "%COMPAT", &error_pos, GNUTLS_PRIORITY_INIT_DEF_APPEND);
   if (ret != GNUTLS_E_SUCCESS)
     g_warning ("Failed to set GnuTLS session priority with error beginning at %s: %s", error_pos, 
gnutls_strerror (ret));
 }


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]