'gnutls-cli -d 9999 --insecure -p 443 post.craigslist.org' fails with 3.0.20

Thu Aug 2 06:01:51 CEST 2012

Great suggestion, except for applications that use glib-networking there
is no way to set the priority beyond the defaults.

We're working on glib-networking folks, but is there any consideration
to permit random applications to over-ride the defaults?

Thanks,

Penned by Nikos Mavrogiannopoulos on 20120801 18:33.02, we have:
| On 07/30/2012 07:18 PM, Todd T. Fries wrote:
| 
| > |<2>| p11: loaded provider 'gnome-keyring-module' with 0 slots
| > |<2>| ASSERT: pkcs11.c:459
| > Processed 152 CA certificate(s).
| > Resolving 'post.craigslist.org'...
| > Connecting to '208.82.238.151:443'...
| > |<4>| REC[0x73118]: Allocating epoch #0
| > |<1>| Note that the security level of the Diffie-Hellman key exchange has been lowered to 512 bits and this may allow decryption of the session data
| 
| > *** Fatal error: The TLS connection was non-properly terminated.
| 
| Hello,
|  Thanks for the report. It seems there are several broken servers out
| there (the server is closing the connection for some reason). You can
| avoid them by using one of priority strings listed at:
| http://www.gnu.org/software/gnutls/manual/html_node/Interoperability.html
| 
| regards,
| Nikos

-- 
Todd Fries .. todd at fries.net

 _____________________________________________
|                                             \  1.636.410.0632 (voice)
| Free Daemon Consulting, LLC                 \  1.405.227.9094 (voice)
| http://FreeDaemonConsulting.com             \  1.866.792.3418 (FAX)
| 2525 NW Expy #525, Oklahoma City, OK 73112  \  sip:freedaemon at ekiga.net
| "..in support of free software solutions."  \  sip:4052279094 at ekiga.net
 \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

              37E7 D3EB 74D0 8D66 A68D  B866 0326 204E 3F42 004A
                        http://todd.fries.net/pgp.txt