Fix compile error...

Drop optimization for default TLS options; better to ensure we get consistent
priority string values here than to save a few nanoseconds (previous optimized
value was wrong...)

git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@12653 a1ca3aef-8c08-0410-bb20-df032aa958be

diff --git a/cups/tls-gnutls.c b/cups/tls-gnutls.c
index d78a5d63c3c3f388e0441aaa3d4dda038f5cde45..b4271987cb29cc235de5b8790ad80cbe60ee6382 100644 (file)
--- a/cups/tls-gnutls.c
+++ b/cups/tls-gnutls.c
@@ -1208,26 +1208,21 @@ _httpTLSStart(http_t *http)             /* I - Connection to server */
     return (-1);
   }
 
-  if (!tls_options)
-    strlcpy(priority_string, "NORMAL:-ARCFOUR-128:+VERS-TLS-ALL:-VERS-SSL3.0", sizeof(priority_string));
+  strlcpy(priority_string, "NORMAL", sizeof(priority_string));
+
+  if (tls_options & _HTTP_TLS_DENY_TLS10)
+    strlcat(priority_string, ":+VERS-TLS-ALL:-VERS-TLS1.0:-VERS-SSL3.0", sizeof(priority_string));
+  else if (tls_options & _HTTP_TLS_ALLOW_SSL3)
+    strlcat(priority_string, ":+VERS-TLS-ALL", sizeof(priority_string));
   else
-  {
-    strlcpy(priority_string, "NORMAL", sizeof(priority_string));
+    strlcat(priority_string, ":+VERS-TLS-ALL:-VERS-SSL3.0", sizeof(priority_string));
 
-    if (tls_options & _HTTP_TLS_DENY_TLS10)
-      strlcat(priority_string, ":+VERS-TLS-ALL:-VERS-TLS1.0:-VERS-SSL3.0", sizeof(priority_string);
-    else if (tls_options & _HTTP_TLS_ALLOW_SSL3)
-      strlcat(priority_string, ":+VERS-TLS-ALL", sizeof(priority_string);
-    else
-      strlcat(priority_string, ":+VERS-TLS-ALL:-VERS-SSL3.0", sizeof(priority_string);
+  if (!(tls_options & _HTTP_TLS_ALLOW_RC4))
+    strlcat(priority_string, ":-ARCFOUR-128", sizeof(priority_string));
 
-    if (!(tls_options & _HTTP_TLS_ALLOW_RC4))
-      strlcat(priority_string, ":-ARCFOUR-128", sizeof(priority_string));
+  if (!(tls_options & _HTTP_TLS_ALLOW_DH))
+    strlcat(priority_string, ":!DHE-RSA:!DHE-DSS:!ANON-DH", sizeof(priority_string));
 
-    if (!(tls_options & _HTTP_TLS_ALLOW_DH))
-      strlcat(priority_string, ":!DHE-RSA:!DHE-DSS:!ANON-DH", sizeof(priority_string));
-  }
-  
 #ifdef HAVE_GNUTLS_PRIORITY_SET_DIRECT
   gnutls_priority_set_direct(http->tls, priority_string, NULL);