@@ -1,7 +1,14 @@

-From d1c2181514b74880a0afada1ba5388d28f56c6fd Mon Sep 17 00:00:00 2001

+From 9dfc6cdd4e2ce03935acc47326ad9b7c2132fe24 Mon Sep 17 00:00:00 2001

 From: Shreenidhi Shedi <sshedi@vmware.com>

 Date: Tue, 28 Nov 2023 16:59:31 +0530

-Subject: [PATCH] default priority

+Subject: [PATCH] Prefer system priority as default over noraml priority.

+

+Use priority settings from @SYSTEM (/etc/gnutls/default-priorities)

+which is user configurable, if it's not present then fallback to NORMAL

+priority which gets set during build time.

+

+Makes sense to follow this approach when we want to tweak the policy

+depending on security needs of the system.

 Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>

 ---

@@ -9,10 +16,10 @@ Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>

  1 file changed, 6 insertions(+), 1 deletion(-)

 diff --git a/lib/priority.c b/lib/priority.c

-index efa4d90..9728c67 100644

+index d84af07..8d0d57a 100644

 --- a/lib/priority.c

 +++ b/lib/priority.c

-@@ -3021,11 +3021,16 @@ gnutls_priority_init(gnutls_priority_t * priority_cache,

+@@ -3134,11 +3134,16 @@ int gnutls_priority_init(gnutls_priority_t *priority_cache,

  		priorities = "@" LEVEL_SYSTEM;

  	}

  	if (priorities == NULL) {

@@ -31,5 +38,5 @@ index efa4d90..9728c67 100644

  		gnutls_assert();

  		goto error;

 -- 

-2.43.0

+2.25.1