diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-03-29 09:51:32 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-04-06 13:28:55 +0200 |
commit | f09e8060b51881f9fefc0a82ec4656fb0e500ccb (patch) | |
tree | 846ca4c513ba5c4ef5b7cc9a7796120ffeedb0fb /lib/priority.c | |
parent | 9410ab601acccc44b15d367d965ed36ad937f313 (diff) | |
download | gnutls-f09e8060b51881f9fefc0a82ec4656fb0e500ccb.tar.gz |
priority: added GROUP-DH-ALL and GROUP-EC-ALL
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/priority.c')
-rw-r--r-- | lib/priority.c | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/lib/priority.c b/lib/priority.c index 25f7ebab37..fef7d5f9ba 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -105,6 +105,22 @@ static void _clear_given_priorities(priority_st * st, const int *list) } } +static const int _supported_groups_dh[] = { + GNUTLS_GROUP_FFDHE2048, + GNUTLS_GROUP_FFDHE3072, + GNUTLS_GROUP_FFDHE4096, + GNUTLS_GROUP_FFDHE8192, + 0 +}; + +static const int _supported_groups_ecdh[] = { + GNUTLS_GROUP_SECP256R1, + GNUTLS_GROUP_SECP384R1, + GNUTLS_GROUP_SECP521R1, + GNUTLS_GROUP_X25519, /* draft-ietf-tls-rfc4492bis */ + 0 +}; + static const int _supported_groups_normal[] = { GNUTLS_GROUP_SECP256R1, GNUTLS_GROUP_SECP384R1, @@ -1585,6 +1601,18 @@ gnutls_priority_init(gnutls_priority_t * priority_cache, bulk_fn(&(*priority_cache)-> _supported_ecc, supported_groups_normal); + } else if (strncasecmp + (&broken_list[i][1], "GROUP-DH-ALL", + 12) == 0) { + bulk_given_fn(&(*priority_cache)-> + _supported_ecc, + _supported_groups_dh); + } else if (strncasecmp + (&broken_list[i][1], "GROUP-EC-ALL", + 12) == 0) { + bulk_given_fn(&(*priority_cache)-> + _supported_ecc, + _supported_groups_ecdh); } else { if ((algo = gnutls_group_get_id |