diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-10-13 12:20:30 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-10-13 13:20:03 +0200 |
commit | 9754daef647fa5b313e83d5a59c01f7c4f5048b4 (patch) | |
tree | 6e7b27caab03a0e79eb3543d5a5d53bcf511bd5b /src | |
parent | 43269acc9bef22a9735047f35f1eb4577b492c18 (diff) | |
download | gnutls-9754daef647fa5b313e83d5a59c01f7c4f5048b4.tar.gz |
disable default extensions on --disable-extensions.
Diffstat (limited to 'src')
-rw-r--r-- | src/cli-args.c | 2 | ||||
-rw-r--r-- | src/cli-args.def | 2 | ||||
-rw-r--r-- | src/cli-args.h | 2 | ||||
-rw-r--r-- | src/cli.c | 23 |
4 files changed, 9 insertions, 20 deletions
diff --git a/src/cli-args.c b/src/cli-args.c index 819ac38d66..6c7a01a70f 100644 --- a/src/cli-args.c +++ b/src/cli-args.c @@ -2,7 +2,7 @@ * * DO NOT EDIT THIS FILE (cli-args.c) * - * It has been AutoGen-ed October 7, 2012 at 01:02:46 PM by AutoGen 5.16 + * It has been AutoGen-ed October 13, 2012 at 09:26:42 AM by AutoGen 5.16 * From the definitions cli-args.def * and the template file options * diff --git a/src/cli-args.def b/src/cli-args.def index a23e0a58cc..072004fe78 100644 --- a/src/cli-args.def +++ b/src/cli-args.def @@ -125,7 +125,7 @@ flag = { flag = { name = disable-extensions; descrip = "Disable all the TLS extensions"; - doc = ""; + doc = "This option disables all TLS extensions. Deprecated option. Use the priority string."; }; flag = { diff --git a/src/cli-args.h b/src/cli-args.h index f2ad811dfd..7c3627816d 100644 --- a/src/cli-args.h +++ b/src/cli-args.h @@ -2,7 +2,7 @@ * * DO NOT EDIT THIS FILE (cli-args.h) * - * It has been AutoGen-ed October 7, 2012 at 01:02:46 PM by AutoGen 5.16 + * It has been AutoGen-ed October 13, 2012 at 09:26:42 AM by AutoGen 5.16 * From the definitions cli-args.def * and the template file options * @@ -89,6 +89,7 @@ const char *x509_cafile = NULL; const char *x509_crlfile = NULL; static int x509ctype; static int disable_extensions; +static unsigned int init_flags = GNUTLS_CLIENT; static const char * priorities = NULL; const char *psk_username = NULL; @@ -612,12 +613,12 @@ init_tls_session (const char *hostname) if (udp) { - gnutls_init (&session, GNUTLS_CLIENT|GNUTLS_DATAGRAM); + gnutls_init (&session, GNUTLS_DATAGRAM|init_flags); if (mtu) gnutls_dtls_set_mtu(session, mtu); } else - gnutls_init (&session, GNUTLS_CLIENT); + gnutls_init (&session, init_flags); if ((ret = gnutls_priority_set_direct (session, priorities, &err)) < 0) { @@ -671,21 +672,6 @@ init_tls_session (const char *hostname) if (HAVE_OPT(HEARTBEAT)) gnutls_heartbeat_enable (session, GNUTLS_HB_PEER_ALLOWED_TO_SEND); - /* OCSP status-request TLS extension */ - if (status_request_ocsp > 0 && disable_extensions == 0) - { - if (gnutls_ocsp_status_request_enable_client (session, NULL, 0, NULL) < 0) - { - fprintf (stderr, "Cannot set OCSP status request information.\n"); - exit (1); - } - } - -#ifdef ENABLE_SESSION_TICKET - if (disable_extensions == 0 && !HAVE_OPT(NOTICKET)t) - gnutls_session_ticket_enable_client (session); -#endif - return session; } @@ -1127,6 +1113,9 @@ const char* rest = NULL; } disable_extensions = HAVE_OPT( DISABLE_EXTENSIONS); + if (disable_extensions) + init_flags |= GNUTLS_NO_EXTENSIONS; + starttls = HAVE_OPT(STARTTLS); resume = HAVE_OPT(RESUME); rehandshake = HAVE_OPT(REHANDSHAKE); |