Bug 745645 – Do not override WebKit's choice of GnuTLS priority string

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 745645 - Do not override WebKit's choice of GnuTLS priority string


Summary:	Do not override WebKit's choice of GnuTLS priority string


Status:	RESOLVED FIXED

Product:	gnome-control-center
Classification:	Core
Component:	general
Version:	unspecified
Hardware:	Other All

Importance:	Normal normal
Target Milestone:	---
Assigned To:	Control-Center Maintainers
QA Contact:	Control-Center Maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2015-03-05 00:05 UTC by Michael Catanzaro
Modified:	2015-03-05 16:15 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
shell: Stop overriding WebKit's choice of GnuTLS priority string (970 bytes, patch) 2015-03-05 00:05 UTC, Michael Catanzaro	accepted-commit_now	Details \| Review
Revert "main: Disable SSLv3 because of POODLE" (1.00 KB, patch) 2015-03-05 16:15 UTC, Michael Catanzaro	committed	Details \| Review

Description Michael Catanzaro 2015-03-05 00:05:15 UTC

We don't need to do this anymore

Comment 1 Michael Catanzaro 2015-03-05 00:05:18 UTC

Created attachment 298586 [details] [review]
shell: Stop overriding WebKit's choice of GnuTLS priority string

Now that g-o-a has been ported to WK2, we should let WebKit choose our
insecurity (stet!) preferences rather than picking them ourselves.

Comment 2 Debarshi Ray 2015-03-05 08:27:31 UTC

Review of attachment 298586 [details] [review]:

Thanks for keeping track of this, Michael. The patch is obviously correct. One minor nitpick. How about doing this as a revert of 38e7ea475a73e724ac6a02aa43807d4f77d378c8?

Comment 3 Michael Catanzaro 2015-03-05 16:15:35 UTC

OK!

The following fix has been pushed:
14356d6 Revert "main: Disable SSLv3 because of POODLE"

Comment 4 Michael Catanzaro 2015-03-05 16:15:39 UTC

Created attachment 298651 [details] [review]
Revert "main: Disable SSLv3 because of POODLE"

This reverts commit 38e7ea475a73e724ac6a02aa43807d4f77d378c8.

Now that gnome-online-accounts uses WebKit2, we should not presume to
know more about TLS security than WebKit. In WebKit1 this was our
responsibility.