+2013-09-07 Tim Ruehsen <tim.ruehsen@gmx.de>
+
+ * gnutls.c (ssl_connect_wget): use gnutls_check_version()
+ to check if option "PFS" is available
+ Reported by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+
2013-09-03 Tim Ruehsen <tim.ruehsen@gmx.de>
* main.c: Add new value 'PFS' to --secure-protocol to
err = gnutls_priority_set_direct (session, "NORMAL:-VERS-SSL3.0", NULL);
break;
case secure_protocol_pfs:
-#if defined (GNUTLS_VERSION_NUMBER) && GNUTLS_VERSION_NUMBER >= 0x030204
- err = gnutls_priority_set_direct (session, "PFS", NULL);
-#else
- err = gnutls_priority_set_direct (session, "NORMAL:-RSA", NULL);
-#endif
+ if (gnutls_check_version("3.2.4"))
+ err = gnutls_priority_set_direct (session, "PFS", NULL);
+ else
+ err = gnutls_priority_set_direct (session, "NORMAL:-RSA", NULL);
break;
default:
abort ();