Resolve security leak

author fr.fang <fr.fang@samsung.com>

Wed, 9 Mar 2016 06:16:47 +0000 (14:16 +0800)

committer seonah moon <seonah1.moon@samsung.com>

Wed, 8 Jun 2016 05:37:54 +0000 (22:37 -0700)
author fr.fang <fr.fang@samsung.com>
Wed, 9 Mar 2016 06:16:47 +0000 (14:16 +0800)
committer seonah moon <seonah1.moon@samsung.com>
Wed, 8 Jun 2016 05:37:54 +0000 (22:37 -0700)
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c

index 28a9d4b..e98bc7e 100755 (executable)
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -207,7 +207,7 @@ g_tls_connection_gnutls_init (GTlsConnectionGnutls *gnutls)
  static gnutls_priority_t priorities[2][2];
  
  #if ENABLE(TIZEN_TV_UPDATE_DEFAULT_PRIORITY)
-#define DEFAULT_BASE_PRIORITY "NORMAL:%COMPAT:%LATEST_RECORD_VERSION"
+#define DEFAULT_BASE_PRIORITY "NORMAL:%COMPAT:!VERS-SSL3.0:%LATEST_RECORD_VERSION"
  #endif
  
  static void
@@ -219,7 +219,7 @@ g_tls_connection_gnutls_init_priorities (void)
  
    base_priority = g_getenv ("G_TLS_GNUTLS_PRIORITY");
    if (!base_priority)
-    base_priority = "NORMAL:%COMPAT";
+    base_priority = "NORMAL:%COMPAT:!VERS-SSL3.0";
  #if ENABLE(TIZEN_TV_UPDATE_DEFAULT_PRIORITY)
    ret = gnutls_priority_init (&priorities[FALSE][FALSE], DEFAULT_BASE_PRIORITY, NULL);
  #else
@@ -228,7 +228,7 @@ g_tls_connection_gnutls_init_priorities (void)
    if (ret == GNUTLS_E_INVALID_REQUEST)
      {
        g_warning ("G_TLS_GNUTLS_PRIORITY is invalid; ignoring!");
-      base_priority = "NORMAL:%COMPAT";
+      base_priority = "NORMAL:%COMPAT:!VERS-SSL3.0";
  #if ENABLE(TIZEN_TV_UPDATE_DEFAULT_PRIORITY)
        gnutls_priority_init (&priorities[FALSE][FALSE], DEFAULT_BASE_PRIORITY, NULL);
  #else
author	fr.fang <fr.fang@samsung.com>
	Wed, 9 Mar 2016 06:16:47 +0000 (14:16 +0800)
committer	seonah moon <seonah1.moon@samsung.com>
	Wed, 8 Jun 2016 05:37:54 +0000 (22:37 -0700)