diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-20 09:23:13 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-20 09:23:13 +0000 |
| commit | aa3fda413b5f2eaaa1a9a36c5c774c49b38ef56b (patch) | |
| tree | 34a1d91499b92ff56d111892f4bf60ceb12755c5 /lib/gnutls_priority.c | |
| parent | 3a1567bb57c54d95067bd7aea8351f3606b968d0 (diff) | |
| download | gnutls-aa3fda413b5f2eaaa1a9a36c5c774c49b38ef56b.tar.gz | |
* The diffie Hellman ciphersuites are now of higher priority than
the plain RSA.
* Added the new libtasn1.
Diffstat (limited to 'lib/gnutls_priority.c')
| -rw-r--r-- | lib/gnutls_priority.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index 166d5fc207..6158140473 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -256,7 +256,8 @@ int gnutls_certificate_type_set_priority(gnutls_session session, * the appropriate functions. * * The order is TLS1, SSL3 for protocols. - * GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA for key exchange algorithms. + * GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA for key exchange + * algorithms. * GNUTLS_MAC_SHA, GNUTLS_MAC_MD5 for MAC algorithms. * GNUTLS_CIPHER_RIJNDAEL_256_CBC, * GNUTLS_CIPHER_RIJNDAEL_128_CBC, @@ -269,7 +270,7 @@ int gnutls_set_default_priority(gnutls_session session) static const int protocol_priority[16] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; static const int kx_priority[16] = - { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, 0 }; + { GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA, 0 }; static const int cipher_priority[16] = { GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_RIJNDAEL_128_CBC, GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, 0 @@ -294,8 +295,8 @@ int gnutls_set_default_priority(gnutls_session session) * Sets some default priority on the ciphers, key exchange methods, macs * and compression methods. This is to avoid using the gnutls_*_priority() functions, if * these defaults are ok. This function also includes weak algorithms. - * The order is TLS1, SSL3 for protocols, GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, - * GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA_EXPORT for key exchange algorithms. + * The order is TLS1, SSL3 for protocols, GNUTLS_KX_DHE_DSS, + * GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA, GNUTLS_KX_RSA_EXPORT for key exchange algorithms. * GNUTLS_MAC_SHA, GNUTLS_MAC_MD5 for MAC algorithms, * GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_RIJNDAEL_128_CBC, * and GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, @@ -308,8 +309,8 @@ int gnutls_set_default_export_priority(gnutls_session session) GNUTLS_TLS1, GNUTLS_SSL3, 0 }; static const int kx_priority[16] = { - GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, - GNUTLS_KX_RSA_EXPORT, 0 + GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, + GNUTLS_KX_RSA, GNUTLS_KX_RSA_EXPORT, 0 }; static const int cipher_priority[16] = { GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_RIJNDAEL_128_CBC, |