Attachment #326820 for bug #421421

View | Details | Raw Unified | Return to bug 421421
Collapse All | Expand All




	if (ctxt->sc->certs_x509[0] != NULL && ctxt->sc->cert_pgp == NULL) {
		cprio[0] = GNUTLS_CRT_X509;
		cprio[1] = 0;
		gnutls_priority_set_direct(session, "NORMAL:+SSL3.0:-TLS1.0:-TLS1.1:-TLS1.2",0);
	} else if (ctxt->sc->cert_pgp != NULL
		   && ctxt->sc->certs_x509[0] == NULL) {
		cprio[0] = GNUTLS_CRT_OPENPGP;
		cprio[1] = 0;
		gnutls_priority_set_direct(session, "NORMAL:+SSL3.0:-TLS1.0:-TLS1.1:-TLS1.2",0);
	}

	return 0;

							 load);
		}

		gnutls_certificate_set_retrieve_function(sc->certs,
								cert_retrieve_fn);

#ifdef ENABLE_SRP

	 * the user hello callback) we need to at least set this in order for
	 * gnutls to be able to read packets.
	 */
	gnutls_priority_set_direct(ctxt->session, "NORMAL:+SSL3.0:-TLS1.0:-TLS1.1:-TLS1.2",0);

	gnutls_handshake_set_post_client_hello_function(ctxt->session,
							mgs_select_virtual_server_cb);

Return to bug 421421

Lines 181-192 Link Here

(-)src/gnutls_hooks.c_old (-4 / +4 lines)
181	if (ctxt->sc->certs_x509[0] != NULL && ctxt->sc->cert_pgp == NULL) {	181	if (ctxt->sc->certs_x509[0] != NULL && ctxt->sc->cert_pgp == NULL) {
182	cprio[0] = GNUTLS_CRT_X509;	182	cprio[0] = GNUTLS_CRT_X509;
183	cprio[1] = 0;	183	cprio[1] = 0;
184	gnutls_certificate_type_set_priority(session, cprio);	184	gnutls_priority_set_direct(session, "NORMAL:+SSL3.0:-TLS1.0:-TLS1.1:-TLS1.2",0);
185	} else if (ctxt->sc->cert_pgp != NULL	185	} else if (ctxt->sc->cert_pgp != NULL
186	&& ctxt->sc->certs_x509[0] == NULL) {	186	&& ctxt->sc->certs_x509[0] == NULL) {
187	cprio[0] = GNUTLS_CRT_OPENPGP;	187	cprio[0] = GNUTLS_CRT_OPENPGP;
188	cprio[1] = 0;	188	cprio[1] = 0;
189	gnutls_certificate_type_set_priority(session, cprio);	189	gnutls_priority_set_direct(session, "NORMAL:+SSL3.0:-TLS1.0:-TLS1.1:-TLS1.2",0);
190	}	190	}
191		191
192	return 0;	192	return 0;
Lines 426-432 Link Here
426	load);	426	load);
427	}	427	}
428		428
429	gnutls_certificate_server_set_retrieve_function(sc->certs,	429	gnutls_certificate_set_retrieve_function(sc->certs,
430	cert_retrieve_fn);	430	cert_retrieve_fn);
431		431
432	#ifdef ENABLE_SRP	432	#ifdef ENABLE_SRP
Lines 721-727 Link Here
721	* the user hello callback) we need to at least set this in order for	721	* the user hello callback) we need to at least set this in order for
722	* gnutls to be able to read packets.	722	* gnutls to be able to read packets.
723	*/	723	*/
724	gnutls_protocol_set_priority(ctxt->session, protocol_priority);	724	gnutls_priority_set_direct(ctxt->session, "NORMAL:+SSL3.0:-TLS1.0:-TLS1.1:-TLS1.2",0);
725		725
726	gnutls_handshake_set_post_client_hello_function(ctxt->session,	726	gnutls_handshake_set_post_client_hello_function(ctxt->session,
727	mgs_select_virtual_server_cb);	727	mgs_select_virtual_server_cb);