gnutls_set_priority() does not handle strings starting with "NONE".
Laurence Withers
l at lwithers.me.uk
Sun Feb 3 22:53:51 CET 2008
Hi,
In the gnutls function reference, for the function gnutls_set_priority()
it is stated:
"NONE" nothing is enabled. This disables even protocols and
compression methods.
and one of the examples:
"NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL"
However, if you actually try that example, or even the string "NONE" on
its own, it doesn't work (it returns GNUTLS_E_INVALID_REQUEST and sets
the error location to the start of the string).
Tracing this back into the code, the token "NONE" is handled specially
before the for loop in gnutls_set_priority() that parses each token.
However, the loop itself always parses all tokens and it doesn't know
how to handle "NONE".
I attached a patch which causes the first token to be skipped by this
loop if it was "NONE". The patch is against 2.2.1 but also applies
against 2.3.0.
Bye for now,
--
Laurence Withers, <l at lwithers.me.uk> -- jabber:l at jabber.lwithers.me.uk
http://www.lwithers.me.uk/ tel:+447753988197
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnutls_priority_init-NONE.patch
Type: text/x-diff
Size: 579 bytes
Desc: not available
URL: </pipermail/attachments/20080203/0cfcf0f8/attachment.patch>
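The following is an added example, not part of the original message and not GnuTLS source code. It is a simplified model of the behaviour described above: a leading "NONE" is recognised before the token loop, and the loop either re-parses it (the reported behaviour) or skips it (the fix the message describes). The function parse_priority(), its skip_none flag and the token table are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed table: only the tokens from the example string in the message. */
static const char *const KNOWN[] = {
    "VERS-TLS1.0", "AES-128-CBC", "RSA", "SHA1", "COMP-NULL"
};

static int known_token(const char *tok, size_t len)
{
    for (size_t i = 0; i < sizeof KNOWN / sizeof KNOWN[0]; i++)
        if (strlen(KNOWN[i]) == len && memcmp(KNOWN[i], tok, len) == 0)
            return 1;
    return 0;
}

/* Hypothetical model. Returns 0 on success, or -1 with *err_off set to the
 * offset of the rejected token. skip_none = 0 models the reported behaviour,
 * skip_none = 1 models skipping the first token when it is "NONE". */
int parse_priority(const char *s, int skip_none, size_t *err_off)
{
    const char *p = s;
    size_t first = strcspn(s, ":");

    /* "NONE" is recognised here, before the loop (nothing enabled). */
    if (first == 4 && memcmp(s, "NONE", 4) == 0 && skip_none) {
        p = s + first;
        if (*p == ':') p++;
    }
    while (*p) {
        size_t len = strcspn(p, ":");
        const char *tok = p;
        size_t tlen = len;
        if (tlen > 0 && *tok == '+') { tok++; tlen--; }  /* '+' enables a token */
        if (!known_token(tok, tlen)) {
            *err_off = (size_t)(p - s);  /* error location = start of bad token */
            return -1;
        }
        p += len;
        if (*p == ':') p++;
    }
    return 0;
}

int main(void)
{
    const char *s = "NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL";
    size_t off = 0;
    printf("loop re-parses NONE: %d\n", parse_priority(s, 0, &off));
    printf("loop skips NONE:     %d\n", parse_priority(s, 1, &off));
    return 0;
}
```

Without the skip, the loop rejects "NONE" at offset 0, which matches the error location reported in the message.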