[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-wget] wget sets gnutls priority multiple times

From: Nikos Mavrogiannopoulos
Subject: [Bug-wget] wget sets gnutls priority multiple times
Date: Mon, 19 Dec 2016 16:09:08 +0100

 While debugging some issue in Fedora [0] I've realized that wget calls
the gnutls priority functions multiple times, and that confuses gnutls
on certain cases. In src/gnutls.c wget calls
gnutls_set_default_priority (session) which sets the default cipher
priorities according to the system policy. However, at the following
lines it overwrites that policy in the switch (opt.secure_protocol).

In particular, when no options are given it enters:
    case secure_protocol_auto:
      err = gnutls_priority_set_direct (session, "NORMAL:%COMPAT:-VERS-SSL3.0", 

That means that the default policy set above is overwritten. A possible
fix is attached. That ensures that the priorities are set only once and
that the default priorities are used when no options are specified (the
latter is important for Fedora which ensures that
gnutls_set_default_priority() sets a priority string according to the
system-wide policies.

The use of keyword %COMPAT is replaced by calling


[0]. https://bugzilla.redhat.com/show_bug.cgi?id=1405959

Attachment: 0001-Avoid-calling-the-gnutls-priority-functions-multiple.patch
Description: Text Data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]