[gnutls-devel] GnuTLS | gnutls_priority_set: do not override the version after handshake is complete (!777)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue Oct 30 11:28:21 CET 2018


Tom commented on a discussion on lib/priority.c:

>  		}

It's about line 597. I think this part is reachable when you use this function to set priorities for the first time. If the `_gnutls_set_current_version()` function fails, then now you get a `GNUTLS_E_NO_PRIORITIES_WERE_SET` error code back. This is imo not the correct error code here because there were priorities set. Therefore I would suggest to return the error code that `_gnutls_set_current_version()` returns.

Furthermore, I think the function documentation is currently not correct since we do not return any error if someone calls this function again with incorrect priorities (i.e. different proto version). In the current implementation we simply do not (re)set a new protocol version if the handshake is in progress or if it has been completed. The rest of the priorities will be changed to the new ones given in that case and 0 will be returned.

We should therefore either update the docs or return an error code if someone wants to change the protocol version.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/777#note_113096274