@item %LATEST_RECORD_VERSION @tab
will use the latest TLS version record version in client hello.
+@item %RANDOM_PADDING @tab
+will use random padding to all sent TLS records. This is negotiated
+using an extension. Use @funcref{gnutls_record_get_random_padding_status}
+to check whether this has been negotiated in the current session.
+
@end multitable
@caption{Special priority string keywords.}
@end float
/**
- * gnutls_record_get_new_padding:
+ * gnutls_record_get_random_padding_status:
* @session: is a #gnutls_session_t structure.
*
* Returns: non-zero if the new padding scheme is enabled.
*
**/
int
-gnutls_record_get_new_padding (gnutls_session_t session)
+gnutls_record_get_random_padding_status (gnutls_session_t session)
{
return session->security_parameters.new_record_padding;
}
(*priority_cache)->server_precedence = 1;
}
else if (strcasecmp (&broken_list[i][1],
- "NEW_RECORD_PADDING") == 0)
+ "RANDOM_PADDING") == 0)
{
(*priority_cache)->new_record_padding = 1;
}
size_t gnutls_record_get_max_size (gnutls_session_t session);
ssize_t gnutls_record_set_max_size (gnutls_session_t session, size_t size);
- int gnutls_record_get_new_padding (gnutls_session_t session);
+ int gnutls_record_get_random_padding_status (gnutls_session_t session);
size_t gnutls_record_check_pending (gnutls_session_t session);
#define AES_CBC_SHA256 "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL"
#define AES_GCM "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL"
-#define NEW_AES_CBC "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%NEW_RECORD_PADDING"
-#define NEW_AES_CBC_SHA256 "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%NEW_RECORD_PADDING"
-#define NEW_AES_GCM "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%NEW_RECORD_PADDING"
+#define NEW_AES_CBC "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%RANDOM_PADDING"
+#define NEW_AES_CBC_SHA256 "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%RANDOM_PADDING"
+#define NEW_AES_GCM "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%RANDOM_PADDING"
static void ch_handler(int sig)
{