From 741e98a23508ff599f1e6b13b284f5d1fc5c9e38 Mon Sep 17 00:00:00 2001
From: Tim Ruehsen <address@hidden>
Date: Sun, 23 Dec 2012 10:51:25 +0100
Subject: [PATCH] support broken SSL servers

---
 src/ChangeLog |    6 ++++++
 src/gnutls.c  |    1 +
 2 files changed, 7 insertions(+)

diff --git a/src/ChangeLog b/src/ChangeLog
index bbc6735..4750fbf 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,9 @@
+2012-12-23  Tim Ruehsen  <address@hidden>
+
+	* gnutls.c (ssl_connect_wget): set NORMAL:%COMPAT for
+	--secure-protocol=AUTO to support broken/incomplete SSL/TLS
+   server implementations.
+
 2012-12-20  Tim Ruehsen  <address@hidden>
 
 	* gnutls.c (ssl_connect_wget): added +VERS-SSL3.0 to fix
diff --git a/src/gnutls.c b/src/gnutls.c
index 769b005..7e705c6 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -398,6 +398,7 @@ ssl_connect_wget (int fd, const char *hostname)
   switch (opt.secure_protocol)
     {
     case secure_protocol_auto:
+      err = gnutls_priority_set_direct (session, "NORMAL:%COMPAT", NULL);
       break;
     case secure_protocol_sslv2:
     case secure_protocol_sslv3:
-- 
1.7.10.4