From e015e2be21ae17f83ff7641f02cf5435f57ca710 Mon Sep 17 00:00:00 2001
From: Witold Filipczyk <witekfl@poczta.onet.pl>
Date: Wed, 1 Jul 2015 16:23:19 +0200
Subject: [PATCH] -VERS-SSL3.0 in gnutls to avoid SSL error.

---
 src/network/ssl/socket.c | 2 +-
 src/network/ssl/ssl.c    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/network/ssl/socket.c b/src/network/ssl/socket.c
index 6af5e0d0..20912297 100644
--- a/src/network/ssl/socket.c
+++ b/src/network/ssl/socket.c
@@ -91,7 +91,7 @@ ssl_set_no_tls(struct socket *socket)
 	 * that version hasn't yet been released as of May 2011.  */
 	gnutls_priority_set_direct(*(ssl_t *) socket->ssl,
 				   "SECURE:-CTYPE-OPENPGP"
-				   ":+VERS-SSL3.0:-VERS-TLS1.0"
+				   ":-VERS-SSL3.0:-VERS-TLS1.0"
 				   ":-VERS-TLS1.1:-VERS-TLS1.2"
 				   ":%SSL3_RECORD_VERSION",
 				   NULL);
diff --git a/src/network/ssl/ssl.c b/src/network/ssl/ssl.c
index 59a69577..693ac375 100644
--- a/src/network/ssl/ssl.c
+++ b/src/network/ssl/ssl.c
@@ -348,7 +348,7 @@ init_ssl_connection(struct socket *socket,
 	 * in ELinks.  If you change the priorities here, please check
 	 * whether that one needs to be changed as well.  */
 	if (gnutls_priority_set_direct(*state,
-				       "NORMAL:-CTYPE-OPENPGP:-VERS-TLS1.1",
+				       "NORMAL:-CTYPE-OPENPGP:-VERS-TLS1.1:-VERS-SSL3.0",
 				       NULL)) {
 		gnutls_deinit(*state);
 		mem_free(state);
-- 
2.11.4.GIT