github
/
aria2
mirror of https://github.com/aria2/aria2
1
0
Fork 0
Code Issues Releases Wiki Activity

2009-07-09 Tatsuhiro Tsujikawa <t-tujikawa@users.sourceforge.net> 

Removed TLS1.1 protocol support when aria2 is built with gnutls
	for compatibility issue.
	* src/SocketCore.cc
pull/1/head
Tatsuhiro Tsujikawa 2009-07-08 15:38:40 +00:00
parent 96113c0745
commit 53d2a64cc5
2 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,3 +1,9 @@
2009-07-09 Tatsuhiro Tsujikawa <t-tujikawa@users.sourceforge.net>
Removed TLS1.1 protocol support when aria2 is built with gnutls
for compatibility issue.
* src/SocketCore.cc
2009-07-09 Tatsuhiro Tsujikawa <t-tujikawa@users.sourceforge.net> 2009-07-09 Tatsuhiro Tsujikawa <t-tujikawa@users.sourceforge.net>
Fixed compile error with openSSL Fixed compile error with openSSL

12
src/SocketCore.cc
View File

@ -742,8 +742,18 @@ void SocketCore::prepareSecureConnection()
} }
#endif // HAVE_LIBSSL #endif // HAVE_LIBSSL
#ifdef HAVE_LIBGNUTLS #ifdef HAVE_LIBGNUTLS
int r;
gnutls_init(&sslSession, GNUTLS_CLIENT); gnutls_init(&sslSession, GNUTLS_CLIENT);
gnutls_set_default_priority(sslSession); // It seems err is not error message, but the argument string
// which causes syntax error.
const char* err;
// Disables TLS1.1 here because there are servers that don't
// understand TLS1.1.
r = gnutls_priority_set_direct(sslSession, "NORMAL:!VERS-TLS1.1", &err);
if(r != GNUTLS_E_SUCCESS) {
throw DL_ABORT_EX
(StringFormat(EX_SSL_INIT_FAILURE, gnutls_strerror(r)).str());
}
// put the x509 credentials to the current session // put the x509 credentials to the current session
gnutls_credentials_set(sslSession, GNUTLS_CRD_CERTIFICATE, gnutls_credentials_set(sslSession, GNUTLS_CRD_CERTIFICATE,
_tlsContext->getCertCred()); _tlsContext->getCertCred());