Attachment #434246 for bug #582752

View | Details | Raw Unified | Return to bug 582752
Collapse All | Expand All




++ b/src/stream.c


static int
handshake (struct stream_data *data)
{
	const char *priority_string = "SECURE256:+SECURE192:-VERS-TLS-ALL:+VERS-TLS1.2";
	const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
	const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
	const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
	const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
	int ret;

	if (gnutls_global_init () != 0)
		return IKS_NOMEM;

	if (gnutls_init (&data->sess, GNUTLS_CLIENT) != 0) {
		gnutls_certificate_free_credentials (data->cred);
		return IKS_NOMEM;
	}
	gnutls_priority_set_direct(data->sess, priority_string, NULL);
	gnutls_cipher_set_priority(data->sess, cipher_priority);
	gnutls_compression_set_priority(data->sess, comp_priority);
	gnutls_kx_set_priority(data->sess, kx_priority);
	gnutls_mac_set_priority(data->sess, mac_priority);
	gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred);

	gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push);
	gnutls_transport_set_pull_function (data->sess, (gnutls_pull_func) tls_pull);

Return to bug 582752

Line Link Here

(-)file_not_specified_in_diff (-11 / +3 lines)
0	-- a/src/stream.c	0	++ b/src/stream.c
Lines 62-74 Link Here
62		62
63	static int	63	static int
64	handshake (struct stream_data *data)	64	handshake (struct stream_data *data)
65	{	65	{
66	const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };	66	const char *priority_string = "SECURE256:+SECURE192:-VERS-TLS-ALL:+VERS-TLS1.2";
67	const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
68	const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
69	const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
70	const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
71	int ret;	67	int ret;
72		68
73	if (gnutls_global_init () != 0)	69	if (gnutls_global_init () != 0)
74	return IKS_NOMEM;	70	return IKS_NOMEM;
Lines 79-91 Link Here
79	if (gnutls_init (&data->sess, GNUTLS_CLIENT) != 0) {	75	if (gnutls_init (&data->sess, GNUTLS_CLIENT) != 0) {
80	gnutls_certificate_free_credentials (data->cred);	76	gnutls_certificate_free_credentials (data->cred);
81	return IKS_NOMEM;	77	return IKS_NOMEM;
82	}	78	}
83	gnutls_protocol_set_priority (data->sess, protocol_priority);	79	gnutls_priority_set_direct(data->sess, priority_string, NULL);
84	gnutls_cipher_set_priority(data->sess, cipher_priority);
85	gnutls_compression_set_priority(data->sess, comp_priority);
86	gnutls_kx_set_priority(data->sess, kx_priority);
87	gnutls_mac_set_priority(data->sess, mac_priority);
88	gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred);	80	gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred);
89		81
90	gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push);	82	gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push);
91	gnutls_transport_set_pull_function (data->sess, (gnutls_pull_func) tls_pull);	83	gnutls_transport_set_pull_function (data->sess, (gnutls_pull_func) tls_pull);