diff options
Diffstat (limited to 'guix/build/download.scm')
| -rw-r--r-- | guix/build/download.scm | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/guix/build/download.scm b/guix/build/download.scm index bd354a6985..e00fa04e35 100644 --- a/guix/build/download.scm +++ b/guix/build/download.scm @@ -274,6 +274,13 @@ host name without trailing dot." (set-session-transport-fd! session (fileno port)) (set-session-default-priority! session) + + ;; The "%COMPAT" bit allows us to work around firewall issues (info + ;; "(gnutls) Priority Strings"); see <http://bugs.gnu.org/23311>. + ;; Explicitly disable SSLv3, which is insecure: + ;; <https://tools.ietf.org/html/rfc7568>. + (set-session-priorities! session "NORMAL:%COMPAT:-VERS-SSL3.0") + (set-session-credentials! session (make-certificate-credentials)) ;; Uncomment the following lines in case of debugging emergency. |