err = gnutls_priority_set_direct (session, "NORMAL:-VERS-SSL3.0", NULL);
break;
case secure_protocol_pfs:
-#if defined (GNUTLS_VERSION_NUMBER) && GNUTLS_VERSION_NUMBER >= 0x030204
err = gnutls_priority_set_direct (session, "PFS", NULL);
-#else
- err = gnutls_priority_set_direct (session, "NORMAL:-RSA", NULL);
-#endif
+ if (err != GNUTLS_E_SUCCESS)
+ /* fallback if PFS is not available */
+ err = gnutls_priority_set_direct (session, "NORMAL:-RSA", NULL);
break;
default:
abort ();
break;
}
- if (err <= 0)
- break;
+ err = GNUTLS_E_AGAIN;
}
else if (err < 0)
{
}
}
}
- while (err == GNUTLS_E_WARNING_ALERT_RECEIVED && gnutls_error_is_fatal (err) == 0);
+ while (err && gnutls_error_is_fatal (err) == 0);
if (opt.connect_timeout)
{