diff options
| author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2020-01-08 22:07:19 +0300 |
|---|---|---|
| committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2020-01-10 02:22:44 +0300 |
| commit | b8b92db9eeeaeb429eb6d1eed0d358909a792beb (patch) | |
| tree | 22ab78b71d3cf673a7d3c3d4f415d2b3e0e8b71b | |
| parent | 6d8dd070c5a5eb5f9e4c0d798a1b51eb906e06a9 (diff) | |
| download | gnutls-b8b92db9eeeaeb429eb6d1eed0d358909a792beb.tar.gz | |
priority: add new GOST-ALL shortcut
Add GOST-ALL as an alias for CIPHER-GOST-ALL, MAC-GOST-ALL, KX-GOST-ALL,
SIGN-GOST-ALL and GROUP-GOST-ALL.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| -rw-r--r-- | doc/cha-gtls-app.texi | 5 | ||||
| -rw-r--r-- | lib/priority.c | 12 |
2 files changed, 17 insertions, 0 deletions
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 47fd3bca65..8471dab6cc 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -1488,6 +1488,11 @@ CTYPE-CLI-RAWPK, CTYPE-SRV-RAWPK can be used to specialize on client or server; catch all is CTYPE-CLI-ALL and CTYPE-SRV-ALL. The type 'X509' is aliased to 'X.509' for legacy reasons. +@item Generic @tab +The keyword GOST is a shortcut for secure GOST algorithms (MACs, ciphers, +KXes, groups and signatures). For example the following string will enable all +TLS 1.2 GOST ciphersuites: 'NONE:+VERS-TLS1.2:+GOST'. + @end multitable @caption{The supported algorithm keywords in priority strings.} @end float diff --git a/lib/priority.c b/lib/priority.c index 7b34ae9e52..d8df62ef1c 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -2217,6 +2217,18 @@ gnutls_priority_init(gnutls_priority_t * priority_cache, bulk_fn(&(*priority_cache)->_kx, kx_priority_gost); } + } else if (c_strncasecmp + (&broken_list[i][1], "GOST", 4) == 0) { + bulk_given_fn(&(*priority_cache)->_supported_ecc, + _supported_groups_gost); + bulk_fn(&(*priority_cache)->_sign_algo, + sign_priority_gost); + bulk_fn(&(*priority_cache)->_mac, + mac_priority_gost); + bulk_fn(&(*priority_cache)->_cipher, + cipher_priority_gost); + bulk_fn(&(*priority_cache)->_kx, + kx_priority_gost); } else goto error; } else if (broken_list[i][0] == '%') { |