emenel/doomemacs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix #2949: swap TLS 1.3 & 1.2 in gnutls-algorithm-priority

Browse source
This commit is contained in:
Henrik Lissner 2020-04-21 17:08:34 -04:00
parent 27c64a3abd
commit 0c3e11766c
No known key found for this signature in database
GPG key ID: 5F6C0EA160557395
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
core/core.el
View file

@ -196,11 +196,12 @@ users).")
(setq gnutls-verify-error (not (getenv "INSECURE")) (setq gnutls-verify-error (not (getenv "INSECURE"))
gnutls-algorithm-priority gnutls-algorithm-priority
(when (boundp 'libgnutls-version) (when (boundp 'libgnutls-version)
(concat "SECURE128:+SECURE192:-VERS-ALL:+VERS-TLS1.2" (concat "SECURE128:+SECURE192:-VERS-ALL"
(if (and (not IS-WINDOWS) (if (and (not IS-WINDOWS)
(not (version< emacs-version "26.3")) (not (version< emacs-version "26.3"))
(>= libgnutls-version 30605)) (>= libgnutls-version 30605))
":+VERS-TLS1.3"))) ":+VERS-TLS1.3")
":+VERS-TLS1.2"))
;; `gnutls-min-prime-bits' is set based on recommendations from ;; `gnutls-min-prime-bits' is set based on recommendations from
;; https://www.keylength.com/en/4/ ;; https://www.keylength.com/en/4/
gnutls-min-prime-bits 3072 gnutls-min-prime-bits 3072