Blame gnustep-base-use_system-wide_crypto-policies.patch
|
|
3098e0c |
--- a/Source/GSTLS.orig.m 2016-03-09 14:16:16.000000000 +0100
|
|
|
3098e0c |
+++ b/Source/GSTLS.m 2016-08-21 16:46:41.347996519 +0200
|
|
|
3098e0c |
@@ -1745,8 +1745,7 @@
|
|
|
3fd911c |
0 };
|
|
|
3fd911c |
gnutls_protocol_set_priority(session, proto_prio);
|
|
|
3fd911c |
#else
|
|
|
3fd911c |
- gnutls_priority_set_direct(session,
|
|
|
3098e0c |
- "NORMAL:-VERS-SSL3.0:+VERS-TLS-ALL", NULL);
|
|
|
3fd911c |
+ gnutls_set_default_priority (session);
|
|
|
3fd911c |
#endif
|
|
|
3098e0c |
}
|
|
|
3098e0c |
else
|
|
|
3098e0c |
@@ -1757,7 +1756,7 @@
|
|
|
3098e0c |
/* By default we disable SSL3.0 as the 'POODLE' attack (Oct 2014)
|
|
|
3098e0c |
* renders it insecure.
|
|
|
3098e0c |
*/
|
|
|
3098e0c |
- gnutls_priority_set_direct(session, "NORMAL:-VERS-SSL3.0", NULL);
|
|
|
3fd911c |
+ gnutls_set_default_priority (session);
|
|
|
3fd911c |
#endif
|
|
|
3fd911c |
}
|
|
|
3fd911c |
}
|
|
|
3098e0c |
@@ -1774,7 +1773,7 @@
|
|
|
3098e0c |
{
|
|
|
3098e0c |
NSLog(@"Invalid GSTLSPriority: %s", err_pos);
|
|
|
3098e0c |
NSLog(@"Falling back to NORMAL:-VERS-SSL3.0");
|
|
|
3098e0c |
- gnutls_priority_set_direct(session, "NORMAL:-VERS-SSL3.0", NULL);
|
|
|
3098e0c |
+ gnutls_set_default_priority (session);
|
|
|
3098e0c |
}
|
|
|
3fd911c |
#endif
|
|
|
3098e0c |
}
|