diff options
-rw-r--r-- | configure.in | 15 | ||||
-rw-r--r-- | includes/gnutls/gnutls.h.in | 2 | ||||
-rw-r--r-- | lgl/gc-libgcrypt.c | 10 | ||||
-rw-r--r-- | lgl/gc.h | 4 | ||||
-rw-r--r-- | lib/gnutls_algorithms.c | 56 | ||||
-rw-r--r-- | lib/gnutls_cipher_int.c | 10 | ||||
-rw-r--r-- | lib/gnutls_priority.c | 19 | ||||
-rw-r--r-- | libextra/gnutls_openssl.c | 28 | ||||
-rw-r--r-- | libextra/opencdk/opencdk.h | 3 | ||||
-rw-r--r-- | src/common.c | 6 | ||||
-rw-r--r-- | src/tests.c | 33 | ||||
-rw-r--r-- | src/tests.h | 3 | ||||
-rw-r--r-- | src/tls_test.c | 4 |
13 files changed, 183 insertions, 10 deletions
diff --git a/configure.in b/configure.in index 04a04056cb..e38d7197a4 100644 --- a/configure.in +++ b/configure.in @@ -446,6 +446,21 @@ else fi AM_CONDITIONAL(ENABLE_AUTHZ, test "$ac_enable_authz" != "no") +dnl Check for Camellia support +dnl +AC_MSG_CHECKING([for Camellia support in libgcrypt]) +if test -n "`$LIBGCRYPT_CONFIG --algorithms|grep -i camellia`"; then + is_camellia_present=yes +fi +if test x$is_camellia_present = xyes; then + AC_MSG_RESULT([yes]) + AC_DEFINE(ENABLE_CAMELLIA, 1, [enable camellia block cipher]) +else + AC_MSG_RESULT([no]) +fi +AM_CONDITIONAL(ENABLE_CAMELLIA, test "$is_camellia_present" = "yes") + + AC_MSG_CHECKING([whether to disable extra PKI stuff]) AC_ARG_ENABLE(extra-pki, AS_HELP_STRING([--disable-extra-pki], diff --git a/includes/gnutls/gnutls.h.in b/includes/gnutls/gnutls.h.in index 3889d09eff..ecfd261d97 100644 --- a/includes/gnutls/gnutls.h.in +++ b/includes/gnutls/gnutls.h.in @@ -75,6 +75,8 @@ extern "C" GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_ARCFOUR_40, + GNUTLS_CIPHER_CAMELLIA_128_CBC, + GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_CIPHER_RC2_40_CBC = 90, GNUTLS_CIPHER_DES_CBC } gnutls_cipher_algorithm_t; diff --git a/lgl/gc-libgcrypt.c b/lgl/gc-libgcrypt.c index 683c73ffb4..f28a20f9f9 100644 --- a/lgl/gc-libgcrypt.c +++ b/lgl/gc-libgcrypt.c @@ -142,6 +142,16 @@ gc_cipher_open (Gc_cipher alg, Gc_cipher_mode mode, gcryalg = GCRY_CIPHER_RFC2268_40; break; +#ifdef ENABLE_CAMELLIA + case GC_CAMELLIA128: + gcryalg = GCRY_CIPHER_CAMELLIA128; + break; + + case GC_CAMELLIA256: + gcryalg = GCRY_CIPHER_CAMELLIA256; + break; +#endif + default: return GC_INVALID_CIPHER; } @@ -79,7 +79,9 @@ enum Gc_cipher GC_DES, GC_ARCFOUR128, GC_ARCFOUR40, - GC_ARCTWO40 + GC_ARCTWO40, + GC_CAMELLIA128, + GC_CAMELLIA256 }; typedef enum Gc_cipher Gc_cipher; diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c index 7ec696e253..d1fdd577a9 100644 --- a/lib/gnutls_algorithms.c +++ b/lib/gnutls_algorithms.c @@ -163,6 +163,10 @@ static const gnutls_cipher_entry algorithms[] = { {"ARCFOUR 128", GNUTLS_CIPHER_ARCFOUR_128, 1, 16, CIPHER_STREAM, 0, 0}, {"ARCFOUR 40", GNUTLS_CIPHER_ARCFOUR_40, 1, 5, CIPHER_STREAM, 0, 1}, {"RC2 40", GNUTLS_CIPHER_RC2_40_CBC, 8, 5, CIPHER_BLOCK, 8, 1}, +#ifdef ENABLE_CAMELLIA + {"CAMELLIA 256 CBC", GNUTLS_CIPHER_CAMELLIA_256_CBC, 16, 32, CIPHER_BLOCK, 16, 0}, + {"CAMELLIA 128 CBC", GNUTLS_CIPHER_CAMELLIA_128_CBC, 16, 16, CIPHER_BLOCK, 16, 0}, +#endif {"NULL", GNUTLS_CIPHER_NULL, 1, 0, CIPHER_STREAM, 0, 0}, {0, 0, 0, 0, 0, 0, 0} }; @@ -176,6 +180,10 @@ static const gnutls_cipher_algorithm_t supported_ciphers[] = { GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_CIPHER_ARCFOUR_40, GNUTLS_CIPHER_RC2_40_CBC, +#ifdef ENABLE_CAMELLIA + GNUTLS_CIPHER_CAMELLIA_256_CBC, + GNUTLS_CIPHER_CAMELLIA_128_CBC, +#endif GNUTLS_CIPHER_NULL, 0 }; @@ -377,6 +385,10 @@ typedef struct #define GNUTLS_ANON_DH_AES_128_CBC_SHA1 { 0x00, 0x34 } #define GNUTLS_ANON_DH_AES_256_CBC_SHA1 { 0x00, 0x3A } +/* rfc4132 */ +#define GNUTLS_ANON_DH_CAMELLIA_128_CBC_SHA1 { 0x00,0x46 } +#define GNUTLS_ANON_DH_CAMELLIA_256_CBC_SHA1 { 0x00,0x89 } + /* PSK (not in TLS 1.0) * draft-ietf-tls-psk: */ @@ -419,6 +431,10 @@ typedef struct #define GNUTLS_RSA_AES_128_CBC_SHA1 { 0x00, 0x2F } #define GNUTLS_RSA_AES_256_CBC_SHA1 { 0x00, 0x35 } +/* rfc4132 */ +#define GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 { 0x00,0x41 } +#define GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x84 } + /* DHE DSS */ @@ -435,6 +451,10 @@ typedef struct #define GNUTLS_DHE_DSS_AES_256_CBC_SHA1 { 0x00, 0x38 } #define GNUTLS_DHE_DSS_AES_128_CBC_SHA1 { 0x00, 0x32 } +/* rfc4132 */ +#define GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1 { 0x00,0x44 } +#define GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1 { 0x00,0x87 } + /* DHE RSA */ #define GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 { 0x00, 0x16 } @@ -444,6 +464,10 @@ typedef struct #define GNUTLS_DHE_RSA_AES_128_CBC_SHA1 { 0x00, 0x33 } #define GNUTLS_DHE_RSA_AES_256_CBC_SHA1 { 0x00, 0x39 } +/* rfc4132 */ +#define GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 { 0x00,0x45 } +#define GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x88 } + #define CIPHER_SUITES_COUNT sizeof(cs_algorithms)/sizeof(gnutls_cipher_suite_entry)-1 static const gnutls_cipher_suite_entry cs_algorithms[] = { @@ -461,6 +485,14 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH, GNUTLS_MAC_SHA1, GNUTLS_SSL3), +#ifdef ENABLE_CAMELLIA + GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_128_CBC_SHA1, + GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ANON_DH, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), + GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_256_CBC_SHA1, + GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_ANON_DH, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), +#endif /* PSK */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_ARCFOUR_SHA1, @@ -538,6 +570,14 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS, GNUTLS_MAC_SHA1, GNUTLS_SSL3), +#ifdef ENABLE_CAMELLIA + GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1, + GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_DHE_DSS, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), + GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1, + GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_DHE_DSS, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), +#endif /* DHE_RSA */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_RSA, @@ -548,6 +588,14 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3), +#ifdef ENABLE_CAMELLIA + GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1, + GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_DHE_RSA, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), + GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1, + GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_DHE_RSA, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), +#endif /* RSA */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_MD5, GNUTLS_CIPHER_NULL, @@ -573,6 +621,14 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3), +#ifdef ENABLE_CAMELLIA + GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1, + GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), + GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1, + GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), +#endif {0, {{0, 0}}, 0, 0, 0, 0} }; diff --git a/lib/gnutls_cipher_int.c b/lib/gnutls_cipher_int.c index 36b2e24754..148b297a3b 100644 --- a/lib/gnutls_cipher_int.c +++ b/lib/gnutls_cipher_int.c @@ -64,6 +64,16 @@ _gnutls_cipher_init (gnutls_cipher_algorithm_t cipher, err = gc_cipher_open (GC_ARCTWO40, GC_CBC, &ret); break; +#ifdef ENABLE_CAMELLIA + case GNUTLS_CIPHER_CAMELLIA_128_CBC: + err = gc_cipher_open (GC_CAMELLIA128, GC_CBC, &ret); + break; + + case GNUTLS_CIPHER_CAMELLIA_256_CBC: + err = gc_cipher_open (GC_CAMELLIA256, GC_CBC, &ret); + break; +#endif + default: return NULL; } diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index 8acb903826..0f5c016f62 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -263,7 +263,8 @@ gnutls_certificate_type_set_priority (gnutls_session_t session, * Protocols: TLS 1.2, TLS 1.1, TLS 1.0, and SSL3. * Key exchange algorithm: DHE-PSK, PSK, SRP-RSA, SRP-DSS, SRP, * DHE-RSA, DHE-DSS, RSA. - * Cipher: AES_256_CBC, AES_128_CBC, 3DES_CBC, and ARCFOUR_128. + * Cipher: AES_256_CBC, AES_128_CBC, 3DES_CBC, CAMELLIA_256_CBC, CAMELLIA_128_CBC, + * and ARCFOUR_128. * MAC algorithm: SHA, and MD5. * Certificate types: X.509, OpenPGP * Compression: DEFLATE, NULL. @@ -299,6 +300,10 @@ gnutls_set_default_priority (gnutls_session_t session) GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, +#ifdef ENABLE_CAMELLIA + GNUTLS_CIPHER_CAMELLIA_256_CBC, + GNUTLS_CIPHER_CAMELLIA_128_CBC, +#endif GNUTLS_CIPHER_ARCFOUR_128, /* GNUTLS_CIPHER_ARCFOUR_40: Insecure, don't add! */ 0 @@ -340,8 +345,8 @@ gnutls_set_default_priority (gnutls_session_t session) * The order is TLS1, SSL3 for protocols, RSA, DHE_DSS, * DHE_RSA, RSA_EXPORT for key exchange algorithms. * SHA, MD5, RIPEMD160 for MAC algorithms, - * AES_256_CBC, AES_128_CBC, - * and 3DES_CBC, ARCFOUR_128, ARCFOUR_40 for ciphers. + * AES_256_CBC, AES_128_CBC, 3DES_CBC, CAMELLIA_256_CBC, CAMELLIA_128_CBC, + * ARCFOUR_128, ARCFOUR_40 for ciphers. * * Returns 0 on success. * @@ -357,8 +362,14 @@ gnutls_set_default_export_priority (gnutls_session_t session) GNUTLS_KX_RSA_EXPORT, 0 }; static const int cipher_priority[] = { + GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC, - GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, + GNUTLS_CIPHER_3DES_CBC, +#ifdef ENABLE_CAMELLIA + GNUTLS_CIPHER_CAMELLIA_256_CBC, + GNUTLS_CIPHER_CAMELLIA_128_CBC, +#endif + GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_CIPHER_ARCFOUR_40, 0 }; static const int comp_priority[] = { GNUTLS_COMP_NULL, 0 }; diff --git a/libextra/gnutls_openssl.c b/libextra/gnutls_openssl.c index 4c2bb2383a..79654bae00 100644 --- a/libextra/gnutls_openssl.c +++ b/libextra/gnutls_openssl.c @@ -538,8 +538,15 @@ SSLv23_client_method (void) m->cipher_priority[0] = GNUTLS_CIPHER_AES_128_CBC; m->cipher_priority[1] = GNUTLS_CIPHER_3DES_CBC; m->cipher_priority[2] = GNUTLS_CIPHER_AES_256_CBC; +#ifdef ENABLE_CAMELLIA + m->cipher_priority[3] = GNUTLS_CIPHER_CAMELLIA_128_CBC; + m->cipher_priority[4] = GNUTLS_CIPHER_CAMELLIA_256_CBC; + m->cipher_priority[5] = GNUTLS_CIPHER_ARCFOUR_128; + m->cipher_priority[6] = 0; +#else m->cipher_priority[3] = GNUTLS_CIPHER_ARCFOUR_128; m->cipher_priority[4] = 0; +#endif m->comp_priority[0] = GNUTLS_COMP_ZLIB; m->comp_priority[1] = GNUTLS_COMP_NULL; @@ -574,8 +581,15 @@ SSLv23_server_method (void) m->cipher_priority[0] = GNUTLS_CIPHER_AES_128_CBC; m->cipher_priority[1] = GNUTLS_CIPHER_3DES_CBC; m->cipher_priority[2] = GNUTLS_CIPHER_AES_256_CBC; +#ifdef ENABLE_CAMELLIA + m->cipher_priority[3] = GNUTLS_CIPHER_CAMELLIA_128_CBC; + m->cipher_priority[4] = GNUTLS_CIPHER_CAMELLIA_256_CBC; + m->cipher_priority[5] = GNUTLS_CIPHER_ARCFOUR_128; + m->cipher_priority[6] = 0; +#else m->cipher_priority[3] = GNUTLS_CIPHER_ARCFOUR_128; m->cipher_priority[4] = 0; +#endif m->comp_priority[0] = GNUTLS_COMP_ZLIB; m->comp_priority[1] = GNUTLS_COMP_NULL; @@ -675,8 +689,15 @@ TLSv1_client_method (void) m->cipher_priority[0] = GNUTLS_CIPHER_AES_128_CBC; m->cipher_priority[1] = GNUTLS_CIPHER_3DES_CBC; m->cipher_priority[2] = GNUTLS_CIPHER_AES_256_CBC; +#ifdef ENABLE_CAMELLIA + m->cipher_priority[3] = GNUTLS_CIPHER_CAMELLIA_128_CBC; + m->cipher_priority[4] = GNUTLS_CIPHER_CAMELLIA_256_CBC; + m->cipher_priority[5] = GNUTLS_CIPHER_ARCFOUR_128; + m->cipher_priority[6] = 0; +#else m->cipher_priority[3] = GNUTLS_CIPHER_ARCFOUR_128; m->cipher_priority[4] = 0; +#endif m->comp_priority[0] = GNUTLS_COMP_ZLIB; m->comp_priority[1] = GNUTLS_COMP_NULL; @@ -710,8 +731,15 @@ TLSv1_server_method (void) m->cipher_priority[0] = GNUTLS_CIPHER_AES_128_CBC; m->cipher_priority[1] = GNUTLS_CIPHER_3DES_CBC; m->cipher_priority[2] = GNUTLS_CIPHER_AES_256_CBC; +#ifdef ENABLE_CAMELLIA + m->cipher_priority[3] = GNUTLS_CIPHER_CAMELLIA_128_CBC; + m->cipher_priority[4] = GNUTLS_CIPHER_CAMELLIA_256_CBC; + m->cipher_priority[5] = GNUTLS_CIPHER_ARCFOUR_128; + m->cipher_priority[6] = 0; +#else m->cipher_priority[3] = GNUTLS_CIPHER_ARCFOUR_128; m->cipher_priority[4] = 0; +#endif m->comp_priority[0] = GNUTLS_COMP_ZLIB; m->comp_priority[1] = GNUTLS_COMP_NULL; diff --git a/libextra/opencdk/opencdk.h b/libextra/opencdk/opencdk.h index e5a4b52e24..ea2f1b24bd 100644 --- a/libextra/opencdk/opencdk.h +++ b/libextra/opencdk/opencdk.h @@ -195,7 +195,8 @@ enum cdk_cipher_algo_t { CDK_CIPHER_AES = 7, CDK_CIPHER_AES192 = 8, CDK_CIPHER_AES256 = 9, - CDK_CIPHER_TWOFISH = 10 + CDK_CIPHER_TWOFISH = 10, + CDK_CIPHER_CAMELLIA256 = 11 /* experimental use only, upcoming 2440bis */ }; diff --git a/src/common.c b/src/common.c index cfef402c39..3ec841d270 100644 --- a/src/common.c +++ b/src/common.c @@ -769,6 +769,12 @@ parse_ciphers (char **ciphers, int nciphers, int *cipher_priority) cipher_priority[j++] = GNUTLS_CIPHER_ARCFOUR_40; else if (strcasecmp (ciphers[i], "ARCFOUR") == 0) cipher_priority[j++] = GNUTLS_CIPHER_ARCFOUR_128; +#ifdef ENABLE_CAMELLIA + else if (strncasecmp (ciphers[i], "CAMELLIA-2", 10) == 0) + cipher_priority[j++] = GNUTLS_CIPHER_CAMELLIA_256_CBC; + else if (strncasecmp (ciphers[i], "CAM", 3) == 0) + cipher_priority[j++] = GNUTLS_CIPHER_CAMELLIA_128_CBC; +#endif else if (strncasecmp (ciphers[i], "NUL", 3) == 0) cipher_priority[j++] = GNUTLS_CIPHER_NULL; else diff --git a/src/tests.c b/src/tests.c index 9c36b20b99..bc9bc11be9 100644 --- a/src/tests.c +++ b/src/tests.c @@ -154,12 +154,14 @@ ADD_CIPHER (gnutls_session_t session, int cipher) } static void -ADD_CIPHER3 (gnutls_session_t session, int cipher1, int cipher2, int cipher3) +ADD_CIPHER4 (gnutls_session_t session, int cipher1, int cipher2, int cipher3, + int cipher4) { - static int _cipher_priority[] = { 0, 0, 0, 0 }; + static int _cipher_priority[] = { 0, 0, 0, 0, 0 }; _cipher_priority[0] = cipher1; _cipher_priority[1] = cipher2; _cipher_priority[2] = cipher3; + _cipher_priority[3] = cipher4; gnutls_cipher_set_priority (session, _cipher_priority); } @@ -560,6 +562,24 @@ test_aes (gnutls_session_t session) return ret; } +#ifdef ENABLE_CAMELLIA +test_code_t +test_camellia (gnutls_session_t session) +{ + int ret; + ADD_CIPHER (session, GNUTLS_CIPHER_CAMELLIA_128_CBC); + ADD_ALL_COMP (session); + ADD_ALL_CERTTYPES (session); + ADD_ALL_PROTOCOLS (session); + ADD_ALL_MACS (session); + ADD_ALL_KX (session); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); + return ret; +} +#endif + test_code_t test_openpgp1 (gnutls_session_t session) { @@ -586,8 +606,13 @@ test_code_t test_unknown_ciphersuites (gnutls_session_t session) { int ret; - ADD_CIPHER3 (session, GNUTLS_CIPHER_AES_128_CBC, - GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128); +#ifdef ENABLE_CAMELLIA + ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, + GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_CIPHER_ARCFOUR_128); +#else + ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, + GNUTLS_CIPHER_ARCFOUR_128, 0); +#endif ADD_ALL_COMP (session); ADD_ALL_CERTTYPES (session); ADD_ALL_PROTOCOLS (session); diff --git a/src/tests.h b/src/tests.h index 072b2cae97..bfb357f927 100644 --- a/src/tests.h +++ b/src/tests.h @@ -12,6 +12,9 @@ test_code_t test_dhe (gnutls_session_t state); test_code_t test_dhe_group (gnutls_session_t state); test_code_t test_ssl3 (gnutls_session_t state); test_code_t test_aes (gnutls_session_t state); +#ifdef ENABLE_CAMELLIA +test_code_t test_camellia (gnutls_session_t state); +#endif test_code_t test_md5 (gnutls_session_t state); test_code_t test_sha (gnutls_session_t state); test_code_t test_3des (gnutls_session_t state); diff --git a/src/tls_test.c b/src/tls_test.c index ab79257c95..206315ae2d 100644 --- a/src/tls_test.c +++ b/src/tls_test.c @@ -129,6 +129,10 @@ static const TLS_TEST tls_tests[] = { "N/A"}, {"for AES cipher support (TLS extension)", test_aes, "yes", "no", "dunno"}, +#ifdef ENABLE_CAMELLIA + {"for CAMELLIA cipher support (TLS extension)", test_camellia, "yes", "no", + "dunno"}, +#endif {"for 3DES cipher support", test_3des, "yes", "no", "dunno"}, {"for ARCFOUR 128 cipher support", test_arcfour, "yes", "no", "dunno"}, {"for ARCFOUR 40 cipher support", test_arcfour_40, "yes", "no", |