gnutls: remove manual DH prime bits setting (!7220) · Merge requests · VideoLAN / VLC

William Woodruff requested to merge woodruffw/vlc:gnutls-rm-call into master May 09, 2025

This sets the DH group to an unnecessarily and insecure small size. By removing this function call GnuTLS will select an appropriate DH group from the priority string which, when configured appropriately, will always be a 2048-bit or larger group.

More generally, this function is considered deprecated within GnuTLS; GnuTLS always sets the appropriate DH group via the priority string.

See the GnuTLS API documentation for additional details: https://www.gnutls.org/manual/html_node/Core-TLS-API.html

Signed-off-by: William Woodruff william@trailofbits.com

gnutls: remove manual DH prime bits setting

Merge request reports