Sorry to bother again, but now I run into a different problem with this. I set `gnutls-algorithm-priority' to "NORMAL:-VERS-TLS1.3" as suggested in that bugreport. This does work fine locally. However, when I use the same code on Travis CI for automated testing, I get the following error:
gnutls.c: [1] (Emacs) connecting to host:
stable.melpa.org gnutls.c: [1] (Emacs) allocating credentials
gnutls.c: [2] (Emacs) allocating x509 credentials
gnutls.c: [2] (Emacs) using default verification flags
gnutls.c: [1] (Emacs) setting the trustfile: /etc/ssl/certs/ca-certificates.crt
gnutls.c: [1] (Emacs) gnutls callbacks
gnutls.c: [1] (Emacs) gnutls_init
gnutls.c: [1] (Emacs) got non-default priority string: NORMAL:-VERS-TLS1.3
gnutls.c: [1] (Emacs) setting the priority string
gnutls.c: [2] ASSERT: gnutls_priority.c:832
gnutls.el: (err=[-50] The request is invalid.) boot: (:priority NORMAL:-VERS-TLS1.3 :hostname
stable.melpa.org :loglevel 2 :min-prime-bits 256 :trustfiles (/etc/ssl/certs/ca-certificates.crt) :crlfiles nil :keylist nil :verify-flags nil :verify-error nil :callbacks nil)
Package refresh done
Debugger entered--Lisp error: (gnutls-error #<process
stable.melpa.org<1>> -50)
signal(gnutls-error (#<process
stable.melpa.org<1>> -50))
Travis CI (Ubuntu distribution Trusty) has an ancient GnuTLS version 2.12.6. As far as I understand, it doesn't know about TLS1.3 and therefore the attempt to disable it fails.
Is there a way to use "NORMAL:-VERS-TLS1.3" in "do not fail" mode? Maybe I could somehow query if the library knows about 1.3 first?