From: Nikos Mavrogiannopoulos Date: Wed, 15 Jan 2014 09:16:44 +0000 (+0100) Subject: decreased certificate verification level to allow SHA1 as hash. X-Git-Tag: gnutls_3_3_0pre0~330 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=93b1ccab7bffd536a18aea167c22d0529ccb954f;p=thirdparty%2Fgnutls.git decreased certificate verification level to allow SHA1 as hash. --- diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index d3120be610..34c64ee6c8 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -662,7 +662,7 @@ int check_level(const char *level, gnutls_priority_t priority_cache, func(&priority_cache->supported_ecc, supported_ecc_normal); if (GNUTLS_VFLAGS_TO_PROFILE(priority_cache->additional_verify_flags) == 0) - priority_cache->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LEGACY); + priority_cache->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LOW); if (priority_cache->level == 0) priority_cache->level = GNUTLS_SEC_PARAM_LOW; return 1; @@ -674,7 +674,7 @@ int check_level(const char *level, gnutls_priority_t priority_cache, func(&priority_cache->supported_ecc, supported_ecc_normal); if (GNUTLS_VFLAGS_TO_PROFILE(priority_cache->additional_verify_flags) == 0) - priority_cache->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LEGACY); + priority_cache->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LOW); if (priority_cache->level == 0) priority_cache->level = GNUTLS_SEC_PARAM_LOW; return 1; @@ -686,7 +686,7 @@ int check_level(const char *level, gnutls_priority_t priority_cache, func(&priority_cache->supported_ecc, supported_ecc_normal); if (GNUTLS_VFLAGS_TO_PROFILE(priority_cache->additional_verify_flags) == 0) - priority_cache->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LEGACY); + priority_cache->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_LOW); if (priority_cache->level == 0) priority_cache->level = GNUTLS_SEC_PARAM_LOW; return 1;