diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2006-04-11 15:37:22 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2006-04-11 15:37:22 +0000 |
| commit | 72786e47b81bcf2b75a341220b8503ee67a04f31 (patch) | |
| tree | 5997ce039efb9e14608f1abd4c9192b755a35e32 | |
| parent | 279f7eda4cef8a9ed4d12582bd28449aa788812b (diff) | |
| download | gnutls-72786e47b81bcf2b75a341220b8503ee67a04f31.tar.gz | |
removed AES-256 from the list of default ciphers. No point in having it (when everything else is far away even from 128 bit security)
| -rw-r--r-- | lib/gnutls_priority.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index b9cb8ba2e6..898e6f3d79 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -261,7 +261,7 @@ gnutls_certificate_type_set_priority (gnutls_session_t session, * The order is TLS1, SSL3 for protocols. * RSA, DHE_DSS, DHE_RSA for key exchange * algorithms. SHA, MD5 and RIPEMD160 for MAC algorithms. - * AES_256_CBC, AES_128_CBC, 3DES_CBC, + * AES_128_CBC, 3DES_CBC, * and ARCFOUR_128 for ciphers. * * Returns 0 on success. @@ -274,12 +274,12 @@ gnutls_set_default_priority (gnutls_session_t session) static const int kx_priority[] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, 0 }; static const int cipher_priority[] = { - GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC, + GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, 0 }; static const int comp_priority[] = { GNUTLS_COMP_NULL, 0 }; static const int mac_priority[] = - { GNUTLS_MAC_SHA1, GNUTLS_MAC_MD5, GNUTLS_MAC_RMD160, 0 }; + { GNUTLS_MAC_SHA1, GNUTLS_MAC_MD5, 0 }; gnutls_cipher_set_priority (session, cipher_priority); gnutls_compression_set_priority (session, comp_priority); @@ -317,13 +317,13 @@ gnutls_set_default_export_priority (gnutls_session_t session) GNUTLS_KX_RSA_EXPORT, 0 }; static const int cipher_priority[] = { - GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC, + GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_CIPHER_ARCFOUR_40, 0 }; static const int comp_priority[] = { GNUTLS_COMP_NULL, 0 }; static const int mac_priority[] = - { GNUTLS_MAC_SHA1, GNUTLS_MAC_MD5, GNUTLS_MAC_RMD160, 0 }; + { GNUTLS_MAC_SHA1, GNUTLS_MAC_MD5, 0 }; gnutls_cipher_set_priority (session, cipher_priority); gnutls_compression_set_priority (session, comp_priority); |