89eb1823f0
- Increase GNUTLS_MAX_ALGORITHM_NUM for allowlisting - Ensure allowlisting API is called before priority string is constructed Related: #2033220 Related: #2042532 Signed-off-by: Daiki Ueno <dueno@redhat.com>
27 lines
916 B
Diff
27 lines
916 B
Diff
diff --git a/lib/priority.c b/lib/priority.c
|
|
index 9feec47fe2..40511710fd 100644
|
|
--- a/lib/priority.c
|
|
+++ b/lib/priority.c
|
|
@@ -2001,13 +2001,14 @@ char *_gnutls_resolve_priorities(const char* priorities)
|
|
additional++;
|
|
}
|
|
|
|
- /* Always try to refresh the cached data, to allow it to be
|
|
- * updated without restarting all applications.
|
|
- */
|
|
- ret = _gnutls_update_system_priorities(false /* defer_system_wide */);
|
|
- if (ret < 0) {
|
|
- _gnutls_debug_log("failed to update system priorities: %s\n",
|
|
- gnutls_strerror(ret));
|
|
+ /* If priority string is not constructed yet, construct and finalize */
|
|
+ if (!system_wide_config.priority_string) {
|
|
+ ret = _gnutls_update_system_priorities(false
|
|
+ /* defer_system_wide */);
|
|
+ if (ret < 0) {
|
|
+ _gnutls_debug_log("failed to update system priorities: "
|
|
+ " %s\n", gnutls_strerror(ret));
|
|
+ }
|
|
}
|
|
|
|
do {
|