moparisthebest/wget
1
0
Fork 0
mirror of https://github.com/moparisthebest/wget synced 2024-07-03 16:38:41 -04:00
Code Issues Releases Wiki Activity

PFS runtime check

Browse Source
This commit is contained in:
Tim Ruehsen 2013-09-07 21:34:37 +02:00 committed by Giuseppe Scrivano
parent eaf2fc9a4f
commit e1fc2057c7
2 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/ChangeLog
View File

@ -1,3 +1,9 @@
2013-09-07 Tim Ruehsen <tim.ruehsen@gmx.de>
* gnutls.c (ssl_connect_wget): use gnutls_check_version()
to check if option "PFS" is available
Reported by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2013-09-03 Tim Ruehsen <tim.ruehsen@gmx.de>
* main.c: Add new value 'PFS' to --secure-protocol to

9
src/gnutls.c
View File

@ -443,11 +443,10 @@ ssl_connect_wget (int fd, const char *hostname)
err = gnutls_priority_set_direct (session, "NORMAL:-VERS-SSL3.0", NULL);
break;
case secure_protocol_pfs:
#if defined (GNUTLS_VERSION_NUMBER) && GNUTLS_VERSION_NUMBER >= 0x030204
err = gnutls_priority_set_direct (session, "PFS", NULL);
#else
err = gnutls_priority_set_direct (session, "NORMAL:-RSA", NULL);
#endif
if (gnutls_check_version("3.2.4"))
err = gnutls_priority_set_direct (session, "PFS", NULL);
else
err = gnutls_priority_set_direct (session, "NORMAL:-RSA", NULL);
break;
default:
abort ();