[vlc-commits] [Git][videolan/vlc][3.0.x] gnutls: remove manual DH prime bits setting
Steve Lhomme (@robUx4)
gitlab at videolan.org
Thu May 15 13:56:22 UTC 2025
Steve Lhomme pushed to branch 3.0.x at VideoLAN / VLC
Commits:
8a7f5456 by William Woodruff at 2025-05-14T09:48:39-04:00
gnutls: remove manual DH prime bits setting
This sets the DH group to an unnecessarily and
insecure small size. By removing this function
call GnuTLS will select an appropriate DH
group from the priority string which, when
configured appropriately, will always be
a 2048-bit or larger group.
Signed-off-by: William Woodruff <william at trailofbits.com>
(cherry picked from commit 3c9e4df184162940c43fcf1f6e51421fca4e2ac4)
Signed-off-by: Tristan Matthews <tmatth at videolan.org>
- - - - -
1 changed file:
- modules/misc/gnutls.c
Changes:
=====================================
modules/misc/gnutls.c
=====================================
@@ -399,9 +399,6 @@ static vlc_tls_t *gnutls_ClientSessionOpen(vlc_tls_creds_t *crd,
gnutls_session_t session = priv->session;
- /* minimum DH prime bits */
- gnutls_dh_set_prime_bits (session, 1024);
-
if (likely(hostname != NULL))
/* fill Server Name Indication */
gnutls_server_name_set (session, GNUTLS_NAME_DNS,
View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/8a7f54566a01a9990a60473b6a2417481a074cce
--
View it on GitLab: https://code.videolan.org/videolan/vlc/-/commit/8a7f54566a01a9990a60473b6a2417481a074cce
You're receiving this email because of your account on code.videolan.org.
VideoLAN code repository instance
More information about the vlc-commits
mailing list