diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-10-30 10:28:20 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-10-30 12:43:33 +0100 |
| commit | fd3be4ac1dcc9493eece19db7e3a6f58c1f62776 (patch) | |
| tree | 79d83d57d64b5081de14858956424d26a49704b6 | |
| parent | ff242afece37072927dde1428aa920b5417c43cb (diff) | |
| download | gnutls-fd3be4ac1dcc9493eece19db7e3a6f58c1f62776.tar.gz | |
gnutls-serv: use default priorities when none are given
This makes it in par with gnutls-cli.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | NEWS | 11 | ||||
| -rw-r--r-- | src/serv.c | 18 |
2 files changed, 19 insertions, 10 deletions
@@ -14,13 +14,16 @@ See the end for copying conditions. ** libgnutls: Added support for AES-CMAC MAC (#351) -** p11tool: fix initialization of security officer's PIN with the --initialize-so-pin - option (#561) - -** In two previous versions GNUTLS_CIPHER_GOST28147_CPB/CPC/CPD_CFB ciphers +** libgnutls: In two previous versions GNUTLS_CIPHER_GOST28147_CPB/CPC/CPD_CFB ciphers have incorrectly used CryptoPro-A S-BOX instead of proper (CryptoPro-B/-C/-D S-BOXes). They are fixed now. +** p11tool: Fix initialization of security officer's PIN with the --initialize-so-pin + option (#561) + +** gnutls-serv: It applies the default settings when no --priority option is given, + using gnutls_set_default_priority(). + ** API and ABI modifications: GNUTLS_AUTO_REAUTH: Added GNUTLS_CIPHER_AES_128_CFB8: Added diff --git a/src/serv.c b/src/serv.c index ffaffc98ae..af58edd9cb 100644 --- a/src/serv.c +++ b/src/serv.c @@ -376,9 +376,6 @@ gnutls_session_t initialize_session(int dtls) gnutls_datum_t alpn[MAX_ALPN_PROTOCOLS]; unsigned alpn_size; - if (priorities == NULL) - priorities = "NORMAL"; - if (dtls) gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM | GNUTLS_POST_HANDSHAKE_AUTH); else @@ -406,9 +403,18 @@ gnutls_session_t initialize_session(int dtls) gnutls_handshake_set_post_client_hello_function(session, &post_client_hello); - if (gnutls_priority_set_direct(session, priorities, &err) < 0) { - fprintf(stderr, "Syntax error at: %s\n", err); - exit(1); + if (priorities == NULL) { + ret = gnutls_set_default_priority(session); + if (ret < 0) { + fprintf(stderr, "Could not set default policy: %s\n", gnutls_strerror(ret)); + exit(1); + } + } else { + ret = gnutls_priority_set_direct(session, priorities, &err); + if (ret < 0) { + fprintf(stderr, "Syntax error at: %s\n", err); + exit(1); + } } alpn_size = MIN(MAX_ALPN_PROTOCOLS,alpn_protos_size); |