From: Lucas De Marchi <lucas.demarchi@profusion.mobi>
Date: Fri, 1 Jul 2011 23:50:54 +0000 (-0300)
Subject: gweb: Use GnuTLS priority string to provide wide compatibility
X-Git-Tag: 0.76~45
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=c53b8dc36b7aa240343b507cfc6ff5194ff9f2eb;hp=2383e638e96608671abbc51b94a9a32cf87e1a1e;p=platform%2Fupstream%2Fconnman.git

gweb: Use GnuTLS priority string to provide wide compatibility

This priority string will only enable SSL 3.0 and TLS 1.0 as protocols
and will disable, via the %COMPAT keyword, several TLS protocol options
that are known to cause compatibility problems.

Reference: http://www.gnu.org/software/gnutls/manual/html_node/Interoperability.html#Interoperability
---

diff --git a/gweb/giognutls.c b/gweb/giognutls.c
index 887109a..db061b1 100644
--- a/gweb/giognutls.c
+++ b/gweb/giognutls.c
@@ -449,7 +449,8 @@ GIOChannel *g_io_channel_gnutls_new(int fd)
 #endif
 
 	gnutls_priority_set_direct(gnutls_channel->session,
-				"NORMAL:!VERS-TLS1.1:!VERS-TLS1.0", NULL);
+		"NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:%COMPAT",
+		NULL);
 
 	gnutls_certificate_allocate_credentials(&gnutls_channel->cred);
 	gnutls_credentials_set(gnutls_channel->session,