Re: gnutls 2.9.10 breaks exim4 TLS (Denying unsafe (re)negotiation.)
From: Nikos Mavrogiannopoulos
Subject: Re: gnutls 2.9.10 breaks exim4 TLS (Denying unsafe (re)negotiation.)
Date: Tue, 18 May 2010 21:16:33 +0200
User-agent: Thunderbird 2.0.0.24 (X11/20100411)
Andreas Metzler wrote:
> Hello,
> Doable, but not without pain. Exim exposes the gnutls_priority_*
> functions to the user (see options tls_require_ciphers et al in
> http://docs.exim.org/current/spec_html/ch39.html#SECTreqciphgnu)
> switching would cause a configuration file syntax change. - It could
> either ignore the old settings while still warning about them or
> throw an error (invalid setting).
Correct patch attached (compiles).
regards,
Nikos
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index 6cc8b68..84e53be 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -350,6 +350,11 @@ gnutls_init (gnutls_session_t * session,
gnutls_connection_end_t con_end)
_gnutls_handshake_internal_state_init (*session);
+ /* emulate old gnutls behavior for old applications that do not use the
priority_*
+ * functions.
+ */
+ (*session)->internals.priorities.unsafe_renegotiation = 1;
+
return 0;
}
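Review bot: The assignment `(*session)->internals.priorities.unsafe_renegotiation = 1;` at the end of gnutls_init is unconditional, so every new session starts out permitting unsafe renegotiation, client or server alike regardless of con_end, and not only the old applications the comment names. The hunk does not show whether a later priority_* call resets this field. If it does, the comment should say so; if it does not, the assignment should be limited to sessions that never set a priority, otherwise applications that do configure priorities inherit the permissive value without asking for it. The changed default also deserves a sentence in the documentation of gnutls_init, since callers cannot see it from the function signature.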