From: Jimmy Yuen Ho Wong <wyuenho@gmail.com>
Date: Tue, 10 Jul 2018 10:27:03 +0000 (+0100)
Subject: Set standard value of `gnutls-min-primes-bits' to nil
X-Git-Tag: emacs-27.0.90~1328^2~123^2~12
X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=023f4c60e9279b69be1dc7db83f69674ce1e1917;p=emacs.git

Set standard value of `gnutls-min-primes-bits' to nil

* lisp/net/gnutls.el (gnutls-min-prime-bits): Set standard value to
  nil in order to let GnuTLS manage the minimum DH prime bits
  accepted.
---

diff --git a/lisp/net/gnutls.el b/lisp/net/gnutls.el
index 8af34c2a99e..e9d48026d34 100644
--- a/lisp/net/gnutls.el
+++ b/lisp/net/gnutls.el
@@ -117,10 +117,7 @@ The files may not exist, in which case they will be ignored."
   :type '(choice (function :tag "Function to produce list of bundle filenames")
                  (repeat (file :tag "Bundle filename"))))
 
-;;;###autoload
-(defcustom gnutls-min-prime-bits 256
-  ;; Several mail servers send fewer bits than the GnuTLS default.
-  ;; Currently, 256 appears to be a reasonable choice (Bug#11267).
+(defcustom gnutls-min-prime-bits nil
   "Minimum number of prime bits accepted by GnuTLS for key exchange.
 During a Diffie-Hellman handshake, if the server sends a prime
 number with fewer than this number of bits, the handshake is
@@ -136,7 +133,7 @@ network security is handled at a higher level via
 `open-network-stream' and the Network Security Manager.  See Info
 node `(emacs) Network Security'."
   :type '(choice (const :tag "Use default value" nil)
-                 (integer :tag "Number of bits" 512))
+                 (integer :tag "Number of bits" 2048))
   :group 'gnutls)
 
 (defcustom gnutls-crlfiles