Fix priority string when using newer GnuTLS

The call of gnutls_set_default_priority_append() expects a normal priority
string, which means it must not start with ':'.

diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx
index 0354191ac2795fc1b42cf78c3ff5b7d93c75de83..df4b37b57abaca8fc12ab94ce68438df6b37e37e 100644 (file)
--- a/common/rfb/CSecurityTLS.cxx
+++ b/common/rfb/CSecurityTLS.cxx
@@ -238,7 +238,9 @@ void CSecurityTLS::setParam()
     const char *err;
 
 #if GNUTLS_VERSION_NUMBER >= 0x030603
-    ret = gnutls_set_default_priority_append(session, kx_anon_priority, &err, 0);
+    // gnutls_set_default_priority_appends() expects a normal priority string that
+    // doesn't start with ":".
+    ret = gnutls_set_default_priority_append(session, kx_anon_priority + 1, &err, 0);
     if (ret != GNUTLS_E_SUCCESS) {
       if (ret == GNUTLS_E_INVALID_REQUEST)
         vlog.error("GnuTLS priority syntax error at: %s", err);

diff --git a/common/rfb/SSecurityTLS.cxx b/common/rfb/SSecurityTLS.cxx
index 6216ffd9b3b552a97c4ef865fb6bc1eebb48b424..f3d58ae0450db7c23fc1f2e5a961fca09846b53b 100644 (file)
--- a/common/rfb/SSecurityTLS.cxx
+++ b/common/rfb/SSecurityTLS.cxx
@@ -229,7 +229,9 @@ void SSecurityTLS::setParams(gnutls_session_t session)
     const char *err;
 
 #if GNUTLS_VERSION_NUMBER >= 0x030603
-    ret = gnutls_set_default_priority_append(session, kx_anon_priority, &err, 0);
+    // gnutls_set_default_priority_appends() expects a normal priority string that
+    // doesn't start with ":".
+    ret = gnutls_set_default_priority_append(session, kx_anon_priority + 1, &err, 0);
     if (ret != GNUTLS_E_SUCCESS) {
       if (ret == GNUTLS_E_INVALID_REQUEST)
         vlog.error("GnuTLS priority syntax error at: %s", err);