diff options
| author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2017-09-23 21:56:23 +0300 |
|---|---|---|
| committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2019-12-18 23:42:47 +0300 |
| commit | cf5bf721380610e2609a949e8de6925122a23924 (patch) | |
| tree | abc993f04c277e0ba80a1f0230673598e6d182f5 | |
| parent | f526dc45cfa25705737599dbda4ad21f4d56ed88 (diff) | |
| download | gnutls-cf5bf721380610e2609a949e8de6925122a23924.tar.gz | |
lib: fix group selection in case of GOST cipher suites
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| -rw-r--r-- | lib/algorithms.h | 8 | ||||
| -rw-r--r-- | lib/priority.c | 3 |
2 files changed, 10 insertions, 1 deletions
diff --git a/lib/algorithms.h b/lib/algorithms.h index 0d14331154..a01cc9cb8c 100644 --- a/lib/algorithms.h +++ b/lib/algorithms.h @@ -488,6 +488,14 @@ static inline int _gnutls_kx_is_dhe(gnutls_kx_algorithm_t kx) return 0; } +static inline unsigned _gnutls_kx_is_vko_gost(gnutls_kx_algorithm_t kx) +{ + if (kx == GNUTLS_KX_VKO_GOST_12) + return 1; + + return 0; +} + static inline int _sig_is_ecdsa(gnutls_sign_algorithm_t sig) { if (sig == GNUTLS_SIGN_ECDSA_SHA1 || sig == GNUTLS_SIGN_ECDSA_SHA224 || diff --git a/lib/priority.c b/lib/priority.c index 1f0841fef1..93cd9d5fef 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -1605,7 +1605,8 @@ static int set_ciphersuite_list(gnutls_priority_t priority_cache) if (ce != NULL && priority_cache->cs.size < MAX_CIPHERSUITE_SIZE) { priority_cache->cs.entry[priority_cache->cs.size++] = ce; - if (!have_ec && _gnutls_kx_is_ecc(ce->kx_algorithm)) { + if (!have_ec && (_gnutls_kx_is_ecc(ce->kx_algorithm) || + _gnutls_kx_is_vko_gost(ce->kx_algorithm))) { have_ec = 1; add_ec(priority_cache); } |