[gnutls-help] priority strings

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon Aug 20 15:06:26 CEST 2018

On Mon, Aug 20, 2018 at 2:59 PM, Nikos Mavrogiannopoulos
<nmav at gnutls.org> wrote:
>>>> How about
>>> That is certainly much better, but from the perspective of someone who
>>> has seen numerous of these priority strings in applications, I'd
>>> really recommend using the defaults.
>> The use-case here is for testing an application.  So I need
>> to be able to set odd combinations, for example to check
>> what happens at application level when the TL connect
>> fails for lack of compatible key-exchange.
>> Having to make the testsuite tls-library-version aware
>> would be sucky.
>> Also fails, presumably for equivalent reasons:
>> gnutls_priority_init(NORMAL:!MAC-ALL:+MD5) failed at offset 0,
>> "NORMAL.."): No or insufficient priorities were set.
> Because you are adding MD5 which is only available in combination with
> RC4. RC4 is no longer included in the NORMAL set, so you'd need
> something like:

Do you have a list of strings with NONE that fail with 3.6.x? Maybe we
can have a work-around and enable any missing items in that case,
though it will be tricky to distinguish intentional leaving out of
parameters and unintentional one.


More information about the Gnutls-help mailing list