summaryrefslogtreecommitdiff
path: root/lib/priority.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/priority.c')
-rw-r--r--lib/priority.c47
1 files changed, 21 insertions, 26 deletions
diff --git a/lib/priority.c b/lib/priority.c
index 900bbf7783..1ed5d84927 100644
--- a/lib/priority.c
+++ b/lib/priority.c
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2004-2015 Free Software Foundation, Inc.
- * Copyright (C) 2015-2017 Red Hat, Inc.
+ * Copyright (C) 2015-2019 Red Hat, Inc.
*
* Author: Nikos Mavrogiannopoulos
*
@@ -36,10 +36,17 @@
#include "errno.h"
#include "ext/srp.h"
#include <gnutls/gnutls.h>
+#include "profiles.h"
#include "c-strcase.h"
#define MAX_ELEMENTS 64
+#define ENABLE_PROFILE(c, profile) do { \
+ c->additional_verify_flags &= 0x00ffffff; \
+ c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(profile); \
+ c->level = _gnutls_profile_to_sec_level(profile); \
+ } while(0)
+
/* This function is used by the test suite */
char *_gnutls_resolve_priorities(const char* priorities);
const char *_gnutls_default_priority_string = DEFAULT_PRIORITY_STRING;
@@ -839,51 +846,39 @@ static void disable_wildcards(gnutls_priority_t c)
}
static void enable_profile_very_weak(gnutls_priority_t c)
{
- c->additional_verify_flags &= 0x00ffffff;
- c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_VERY_WEAK);
- c->level = GNUTLS_SEC_PARAM_VERY_WEAK;
+ ENABLE_PROFILE(c, GNUTLS_PROFILE_VERY_WEAK);
}
static void enable_profile_low(gnutls_priority_t c)
{
- c->additional_verify_flags &= 0x00ffffff;
- c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LOW);
- c->level = GNUTLS_SEC_PARAM_LOW;
+ ENABLE_PROFILE(c, GNUTLS_PROFILE_LOW);
}
static void enable_profile_legacy(gnutls_priority_t c)
{
- c->additional_verify_flags &= 0x00ffffff;
- c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LEGACY);
- c->level = GNUTLS_SEC_PARAM_LEGACY;
+ ENABLE_PROFILE(c, GNUTLS_PROFILE_LEGACY);
+}
+static void enable_profile_medium(gnutls_priority_t c)
+{
+ ENABLE_PROFILE(c, GNUTLS_PROFILE_MEDIUM);
}
static void enable_profile_high(gnutls_priority_t c)
{
- c->additional_verify_flags &= 0x00ffffff;
- c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_HIGH);
- c->level = GNUTLS_SEC_PARAM_HIGH;
+ ENABLE_PROFILE(c, GNUTLS_PROFILE_HIGH);
}
static void enable_profile_ultra(gnutls_priority_t c)
{
- c->additional_verify_flags &= 0x00ffffff;
- c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_ULTRA);
- c->level = GNUTLS_SEC_PARAM_ULTRA;
+ ENABLE_PROFILE(c, GNUTLS_PROFILE_ULTRA);
}
-static void enable_profile_medium(gnutls_priority_t c)
+static void enable_profile_future(gnutls_priority_t c)
{
- c->additional_verify_flags &= 0x00ffffff;
- c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_MEDIUM);
- c->level = GNUTLS_SEC_PARAM_MEDIUM;
+ ENABLE_PROFILE(c, GNUTLS_PROFILE_FUTURE);
}
static void enable_profile_suiteb128(gnutls_priority_t c)
{
- c->additional_verify_flags &= 0x00ffffff;
- c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_SUITEB128);
- c->level = GNUTLS_SEC_PARAM_HIGH;
+ ENABLE_PROFILE(c, GNUTLS_PROFILE_SUITEB128);
}
static void enable_profile_suiteb192(gnutls_priority_t c)
{
- c->additional_verify_flags &= 0x00ffffff;
- c->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_SUITEB192);
- c->level = GNUTLS_SEC_PARAM_ULTRA;
+ ENABLE_PROFILE(c, GNUTLS_PROFILE_SUITEB128);
}
static void enable_safe_renegotiation(gnutls_priority_t c)
{
View Lorry Controller Status