[gnutls-devel] GnuTLS | gnutls-cli lutris.net fails (#779)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri Jun 7 10:54:04 CEST 2019
The differences are `record_size_limit` (only sent by gnutls), `psk_key_exchange_modes` (gnutls includes psk_ke), `renegotiation_info` (only sent by gnutls), `key_share` is larger by gnutls, `status_request` sent by gnutls.
Let's try not sending few of them. For `record_size_limit` I do not think we have a knob, though if you can connect with firefox there, which also sends it, it should be ok.
* For `psk_key_exchange_modes` to send only the one requested by openssl, do `--priority NORMAL:+DHE-PSK`
* To remove `renegotiation_info` do `--priority NORMAL:%DISABLE_SAFE_RENEGOTIATION`
* The key share you already tried with the groups test above; so it shouldn't be it
* It is not possible to remove the `status_request`
You can also try adding the `%COMPAT` to the priority string.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/779#note_178895594
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190607/36dd00da/attachment.html>
More information about the Gnutls-devel
mailing list