[glib-networking] gnutls: don't crash if G_TLS_GNUTLS_PRIORITY is invalid

From: Dan Winship <danw src gnome org>
To: commits-list gnome org
Cc:
Subject: [glib-networking] gnutls: don't crash if G_TLS_GNUTLS_PRIORITY is invalid
Date: Mon, 24 Jun 2013 21:36:29 +0000 (UTC)

commit 696e2bb63618de1bda1691473153ff9d9b4f115f
Author: Dan Winship <danw gnome org>
Date:   Tue Jun 18 21:15:50 2013 -0300

    gnutls: don't crash if G_TLS_GNUTLS_PRIORITY is invalid
    
    If G_TLS_GNUTLS_PRIORITY can't be parsed, print a warning and fall
    back to the default value.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=701693

 tls/gnutls/gtlsconnection-gnutls.c |    9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)
---
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index 4b93ed6..c911447 100644
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -201,16 +201,23 @@ g_tls_connection_gnutls_init_priorities (void)
 {
   const gchar *base_priority;
   gchar *ssl3_priority, *unsafe_rehandshake_priority, *ssl3_unsafe_rehandshake_priority;
+  int ret;
 
   base_priority = g_getenv ("G_TLS_GNUTLS_PRIORITY");
   if (!base_priority)
     base_priority = "NORMAL:%COMPAT";
+  ret = gnutls_priority_init (&priorities[FALSE][FALSE], base_priority, NULL);
+  if (ret == GNUTLS_E_INVALID_REQUEST)
+    {
+      g_warning ("G_TLS_GNUTLS_PRIORITY is invalid; ignoring!");
+      base_priority = "NORMAL:%COMPAT";
+      gnutls_priority_init (&priorities[FALSE][FALSE], base_priority, NULL);
+    }
 
   ssl3_priority = g_strdup_printf ("%s:!VERS-TLS1.2:!VERS-TLS1.1:!VERS-TLS1.0", base_priority);
   unsafe_rehandshake_priority = g_strdup_printf ("%s:%%UNSAFE_RENEGOTIATION", base_priority);
   ssl3_unsafe_rehandshake_priority = g_strdup_printf 
("%s:!VERS-TLS1.2:!VERS-TLS1.1:!VERS-TLS1.0:%%UNSAFE_RENEGOTIATION", base_priority);
 
-  gnutls_priority_init (&priorities[FALSE][FALSE], base_priority, NULL);
   gnutls_priority_init (&priorities[TRUE][FALSE], ssl3_priority, NULL);
   gnutls_priority_init (&priorities[FALSE][TRUE], unsafe_rehandshake_priority, NULL);
   gnutls_priority_init (&priorities[TRUE][TRUE], ssl3_unsafe_rehandshake_priority, NULL);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]