Fix bg in security setting exposed by earlier fix.

2025-05-29 16:01:38 +00:00 · 2019-09-25 12:54:11 +01:00 · 2019-09-25 12:54:11 +01:00 · 99c080a3ee
commit 99c080a3ee
parent ddcff45b89
3 changed files with 17 additions and 12 deletions
--- a/Source/GSTLS.m
+++ b/Source/GSTLS.m
@ -1765,10 +1765,13 @@ retrieve_callback(gnutls_session_t session,
        }
      else
        {
-#if GNUTLS_VERSION_NUMBER >= 0x020C00
-          gnutls_priority_set_direct(session, [str UTF8String], NULL);
+#if GNUTLS_VERSION_NUMBER < 0x020C00
+	  gnutls_set_default_priority(session);
 #else
-          gnutls_set_default_priority(session);
+	  /* By default we disable SSL3.0 as the 'POODLE' attack (Oct 2014)
+	   * renders it insecure.
+	   */
+          gnutls_priority_set_direct(session, [str UTF8String], NULL);
 #endif
        }