Fall back to a sane default if the TLS priority setting is invalid.

Wolfgang Lux 2019-10-29 10:14:35 +01:00
parent ebbe3f9081
commit cc50c639ae
2 changed files with 12 additions and 1 deletions


@ -1,3 +1,8 @@
2019-10-29 Wolfgang Lux <wolfgang.lux@gmail.com>
* Source/GSTLS.m:
Fall back to a sane default if the TLS priority setting is invalid.
2019-10-28 Wolfgang Lux <wolfgang.lux@gmail.com> 2019-10-28 Wolfgang Lux <wolfgang.lux@gmail.com>
* Source/GSSocketStream.m: * Source/GSSocketStream.m:


@ -1771,7 +1771,13 @@ retrieve_callback(gnutls_session_t session,
/* By default we disable SSL3.0 as the 'POODLE' attack (Oct 2014) /* By default we disable SSL3.0 as the 'POODLE' attack (Oct 2014)
* renders it insecure. * renders it insecure.
*/ */
gnutls_priority_set_direct(session, [str UTF8String], NULL); const char *err_pos;
if (gnutls_priority_set_direct(session, [str UTF8String], &err_pos))
{
NSLog(@"Invalid GSTLSPriority: %s", err_pos);
NSLog(@"Falling back to NORMAL:-VERS-SSL3.0");
gnutls_priority_set_direct(session, "NORMAL:-VERS-SSL3.0", NULL);
}
#endif #endif
} }
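Review bot: The fallback branch lets the session continue with `NORMAL:-VERS-SSL3.0` when GSTLSPriority does not parse, so a typo in a deliberately stricter priority string silently yields a more permissive policy, with two NSLog lines as the only signal. I would document that above the fallback, e.g. `/* NB: this default may be weaker than the GSTLSPriority the user intended; the log is the only indication. */`, and consider failing the session instead when a priority was explicitly configured. `err_pos` is also passed to `%s` on any non-zero return; declaring it as `const char *err_pos = NULL;` and logging the return code via `gnutls_strerror()` would not depend on GnuTLS having set it on every error path. The result of the fallback `gnutls_priority_set_direct` call is ignored as well, and the enclosing block starts outside the hunk.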