[gnutls-help] priority strings
Andreas Metzler
ametzler at bebt.de
Sat Aug 11 07:01:35 CEST 2018
Jeremy Harris <jgh at wizmail.org> wrote:
> My code is trying to do:
> gnutls_priority_init(NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+CAMELLIA-256-GCM:+SIGN-ALL:+COMP-NULL)
> This used to work, I think with a previous library version.
> Under GnuTLS 3.6.3 (on f28) I'm getting:
> "failed at offset 0, "NONE:+VE.." failed: No or insufficient priorities were set".
> The manual at https://gnutls.org/manual/html_node/Priority-Strings.html still
> says, in Table 6.3 for "NONE":
> "Means nothing is enabled. This disables even protocol versions.
> It should be followed by the algorithms to be enabled."
> What should I now be using?
Hello,
playing around with
gnutls-cli -l --priority '...'
it looks like adding ':+GROUP-ALL' succeeds. I am not sure this makes
sense, though, and it has the downside of not being accepted by GnuTLS
3.5.x.
How about
NORMAL:-VERS-ALL:+VERS-TLS-ALL:-KX-ALL:+RSA:-CIPHER-ALL:+AES-128-CBC:+CAMELLIA-256-GCM:-COMP-ALL:+COMP-NULL
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Gnutls-help
mailing list