From 2ce3818a2591e2bd914469f0eb6cd86e276f6adb Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 2 Oct 2003 15:02:31 +0000 Subject: Rolled back some of Arne's changes. Now the ciphers can be set in the client/server. --- src/cli.c | 12 ++++++------ src/common.h | 4 ++++ src/serv.c | 12 ++++++------ 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/src/cli.c b/src/cli.c index ca25a04fa5..a5c48300bf 100644 --- a/src/cli.c +++ b/src/cli.c @@ -78,20 +78,20 @@ static gnutls_srp_client_credentials srp_cred; static gnutls_anon_client_credentials anon_cred; static gnutls_certificate_credentials xcred; -static const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; -static const int kx_priority[] = +int protocol_priority[PRI_MAX] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; +int kx_priority[PRI_MAX] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, /* Do not use anonymous authentication, unless you know what that means */ GNUTLS_KX_ANON_DH, GNUTLS_KX_RSA_EXPORT, 0 }; -static const int cipher_priority[] = +int cipher_priority[PRI_MAX] = { GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_40, 0 }; -static const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 }; -static const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; -static const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; +int comp_priority[PRI_MAX] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 }; +int mac_priority[PRI_MAX] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; +int cert_type_priority[PRI_MAX] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; /* end of global stuff */ diff --git a/src/common.h b/src/common.h index 956cb7dc37..594b33ea9e 100644 --- a/src/common.h +++ b/src/common.h @@ -3,6 +3,10 @@ #include +/* the number of elements in the priority structures. + */ +#define PRI_MAX 16 + int print_info( gnutls_session state, const char* hostname); void print_cert_info( gnutls_session state, const char* hostname); void print_list(void); diff --git a/src/serv.c b/src/serv.c index 578de0bb66..74a3a2bb59 100644 --- a/src/serv.c +++ b/src/serv.c @@ -245,21 +245,21 @@ static int generate_rsa_params(void) return 0; } -static const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; -static const int kx_priority[] = +int protocol_priority[PRI_MAX] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; +int kx_priority[PRI_MAX] = { GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, /* Do not use anonymous authentication, unless you know what that means */ GNUTLS_KX_ANON_DH, GNUTLS_KX_RSA_EXPORT, 0 }; -static const int cipher_priority[] = +int cipher_priority[PRI_MAX] = { GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_CIPHER_ARCFOUR_40, 0 }; -static const int comp_priority[] = +int comp_priority[PRI_MAX] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_LZO, GNUTLS_COMP_NULL, 0 }; -static const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; -static const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; +int mac_priority[PRI_MAX] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; +int cert_type_priority[PRI_MAX] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; LIST_DECLARE_INIT(listener_list, listener_item, listener_free); -- cgit v1.2.1