[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-wget] wget sets gnutls priority multiple times
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[Bug-wget] wget sets gnutls priority multiple times |
|
Date: |
Mon, 19 Dec 2016 16:09:08 +0100 |
Hi,
While debugging some issue in Fedora [0] I've realized that wget calls
the gnutls priority functions multiple times, and that confuses gnutls
on certain cases. In src/gnutls.c wget calls
gnutls_set_default_priority (session) which sets the default cipher
priorities according to the system policy. However, at the following
lines it overwrites that policy in the switch (opt.secure_protocol).
In particular, when no options are given it enters:
```
case secure_protocol_auto:
err = gnutls_priority_set_direct (session, "NORMAL:%COMPAT:-VERS-SSL3.0",
NULL);
```
That means that the default policy set above is overwritten. A possible
fix is attached. That ensures that the priorities are set only once and
that the default priorities are used when no options are specified (the
latter is important for Fedora which ensures that
gnutls_set_default_priority() sets a priority string according to the
system-wide policies.
The use of keyword %COMPAT is replaced by calling
gnutls_session_enable_compatibility_mode().
regards,
Nikos
[0]. https://bugzilla.redhat.com/show_bug.cgi?id=1405959
0001-Avoid-calling-the-gnutls-priority-functions-multiple.patch
Description: Text Data
- [Bug-wget] wget sets gnutls priority multiple times,
Nikos Mavrogiannopoulos <=