Fix TLS error caused by #2763

Check whether the current gnutls library supports tls1.3 Add more tests for `doom/am-i-secure`
2020-03-28 02:20:10 +01:00 · 2020-03-28 02:20:10 +01:00 · 9709d257d9
commit 9709d257d9
parent bf3cdc37ce
3 changed files with 37 additions and 5 deletions
--- a/core/core.el
+++ b/core/core.el
@ -181,7 +181,9 @@ users).")
 ;; pulls in from all corners of the globe. Let's at least try to be more
 ;; discerning.
 (setq gnutls-verify-error (not (getenv "INSECURE"))
-      gnutls-algorithm-priority "SECURE128:+SECURE192:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3"
+      gnutls-algorithm-priority
+      (let ((support-tls1.3 (if (>= libgnutls-version 30605) ":+VERS-TLS1.3" nil)))
+        (concat "SECURE128:+SECURE192:-VERS-ALL:+VERS-TLS1.2" support-tls1.3))
      ;; `gnutls-min-prime-bits' is set based on recommendations from
      ;; https://www.keylength.com/en/4/
      gnutls-min-prime-bits 3072