1
0
mirror of https://github.com/moparisthebest/wget synced 2024-07-03 16:38:41 -04:00

better backport availability for PFS feature

This commit is contained in:
Tim Ruehsen 2013-09-09 10:36:09 +02:00 committed by Giuseppe Scrivano
parent fbd9b9c16b
commit 0c9fb2b041
2 changed files with 9 additions and 3 deletions

View File

@ -1,3 +1,9 @@
2013-09-09 Tim Ruehsen <tim.ruehsen@gmx.de>
* gnutls.c (ssl_connect_wget): changed checking of option "PFS"
to be better prepared for some kinds of backports.
Reported by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2013-10-10 Giuseppe Scrivano <gscrivan@redhat.com> 2013-10-10 Giuseppe Scrivano <gscrivan@redhat.com>
* url.c (url_parse): Try to convert UTF-8 URLs to IDN. * url.c (url_parse): Try to convert UTF-8 URLs to IDN.

View File

@ -443,9 +443,9 @@ ssl_connect_wget (int fd, const char *hostname)
err = gnutls_priority_set_direct (session, "NORMAL:-VERS-SSL3.0", NULL); err = gnutls_priority_set_direct (session, "NORMAL:-VERS-SSL3.0", NULL);
break; break;
case secure_protocol_pfs: case secure_protocol_pfs:
if (gnutls_check_version("3.2.4")) err = gnutls_priority_set_direct (session, "PFS", NULL);
err = gnutls_priority_set_direct (session, "PFS", NULL); if (err != GNUTLS_E_SUCCESS)
else /* fallback if PFS is not available */
err = gnutls_priority_set_direct (session, "NORMAL:-RSA", NULL); err = gnutls_priority_set_direct (session, "NORMAL:-RSA", NULL);
break; break;
default: default: