sock->account = session->account;
sock->is_smtp = session->is_smtp;
#ifdef USE_GNUTLS
+ sock->gnutls_priority = session->gnutls_priority;
+
if (session->ssl_type == SSL_TUNNEL) {
sock_set_nonblocking_mode(sock, FALSE);
if (!ssl_init_socket(sock)) {
g_byte_array_free(session->read_data_buf, TRUE);
g_free(session->read_data_terminator);
g_free(session->write_buf);
+#ifdef USE_GNUTLS
+ g_free(session->gnutls_priority);
+#endif
debug_print("session (%p): destroyed\n", session);
#ifdef USE_GNUTLS
SSLType ssl_type;
+ gchar *gnutls_priority;
#endif
};
gnutls_certificate_credentials_t xcred;
gnutls_x509_crt_t client_crt;
gnutls_x509_privkey_t client_key;
+ gchar *gnutls_priority;
#endif
guint g_source;
GIOChannel *sock_ch;
if (session == NULL || r != 0)
return FALSE;
- if (method == 0)
- gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-TLS1.2", NULL);
- else
- gnutls_priority_set_direct(session, "NORMAL", NULL);
+ if (sockinfo->gnutls_priority && strlen(sockinfo->gnutls_priority)) {
+ r = gnutls_priority_set_direct(session, sockinfo->gnutls_priority, NULL);
+ debug_print("Setting GnuTLS priority to %s, status = %d\n",
+ sockinfo->gnutls_priority, r);
+ }
+ else {
+ if (method == 0)
+ gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-TLS1.2", NULL);
+ else
+ gnutls_priority_set_direct(session, "NORMAL", NULL);
+ }
gnutls_record_disable_padding(session);
gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
&advanced_page.domain_entry,
prefs_set_data_from_entry, prefs_set_entry},
+#ifdef USE_GNUTLS
+ {"gnutls_set_priority", "FALSE", &tmp_ac_prefs.set_gnutls_priority, P_BOOL,
+ NULL, NULL, NULL},
+
+ {"gnutls_priority", NULL, &tmp_ac_prefs.gnutls_priority, P_STRING,
+ NULL, NULL, NULL},
+#endif
+
#ifndef G_OS_WIN32
{"set_tunnelcmd", "FALSE", &tmp_ac_prefs.set_tunnelcmd, P_BOOL,
&advanced_page.tunnelcmd_checkbtn,
gushort nntpport;
gboolean set_domain;
gchar *domain;
+ gboolean set_gnutls_priority;
+ gchar *gnutls_priority;
gboolean msgid_with_addr;
gboolean mark_crosspost_read;
gint crosspost_col;
session->ssl_type = ac_prefs->ssl_smtp;
if (ac_prefs->ssl_smtp != SSL_NONE)
session->nonblocking = ac_prefs->use_nonblocking_ssl;
+ if (ac_prefs->set_gnutls_priority && ac_prefs->gnutls_priority &&
+ strlen(ac_prefs->gnutls_priority))
+ session->gnutls_priority = g_strdup(ac_prefs->gnutls_priority);
#else
if (ac_prefs->ssl_smtp != SSL_NONE) {
if (alertpanel_full(_("Insecure connection"),