gnutls: explicitly added SRP to the priority string (447c31ce) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

RELEASE-NOTES

+1 −0

Original line number	Diff line number	Diff line
		@@ -39,6 +39,7 @@ This release includes the following bugfixes:
		o tool: prevent valgrind from reporting possibly lost memory (nss only)
		o nss: fix a memory leak when CURLOPT_CRLFILE is used
		o gnutls: ignore invalid certificate dates with VERIFYPEER disabled
		o gnutls: fix SRP support with versions of GnuTLS from 2.99.0
		o

		This release includes the following known bugs:

+4 −4

Original line number	Diff line number	Diff line
		@@ -544,19 +544,19 @@ gtls_connect_step1(struct connectdata *conn,
		break;
		case CURL_SSLVERSION_DEFAULT:
		case CURL_SSLVERSION_TLSv1:
		prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0";
		prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:+SRP";
		break;
		case CURL_SSLVERSION_TLSv1_0:
		prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
		"+VERS-TLS1.0";
		"+VERS-TLS1.0:+SRP";
		break;
		case CURL_SSLVERSION_TLSv1_1:
		prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
		"+VERS-TLS1.1";
		"+VERS-TLS1.1:+SRP";
		break;
		case CURL_SSLVERSION_TLSv1_2:
		prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
		"+VERS-TLS1.2";
		"+VERS-TLS1.2:+SRP";
		break;
		case CURL_SSLVERSION_SSLv2:
		default:

+1 −0

Original line number	Diff line number	Diff line
		@@ -1452,6 +1452,7 @@ sub runhttptlsserver {
		$flags .= "--http ";
		$flags .= "--debug 1 " if($debugprotocol);
		$flags .= "--port $port ";
		$flags .= "--priority NORMAL:+SRP ";
		$flags .= "--srppasswd $srcdir/certs/srp-verifier-db ";
		$flags .= "--srppasswdconf $srcdir/certs/srp-verifier-conf";