]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
verification profiles can be set individually as well.
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 13 Jan 2014 10:12:39 +0000 (11:12 +0100)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 13 Jan 2014 10:12:39 +0000 (11:12 +0100)
lib/gnutls_priority.c

index 152efc43b6b2fdd3682c56dda50ece07a30709e9..2bfd4e8c2e0c3315d9b97adbf986bc1bed3eb5f9 100644 (file)
@@ -1111,6 +1111,34 @@ gnutls_priority_init(gnutls_priority_t * priority_cache,
                        } else if (strcasecmp(&broken_list[i][1],
                                              "SERVER_PRECEDENCE") == 0) {
                                (*priority_cache)->server_precedence = 1;
+                       } else if (strcasecmp(&broken_list[i][1],
+                                             "PROFILE_LOW") == 0) {
+                               (*priority_cache)->additional_verify_flags &= 0x00ffffff;
+                               (*priority_cache)->additional_verify_flags |= GNUTLS_VFLAGS_TO_PROFILE(GNUTLS_PROFILE_LOW);
+                       } else if (strcasecmp(&broken_list[i][1],
+                                             "PROFILE_LEGACY") == 0) {
+                               (*priority_cache)->additional_verify_flags &= 0x00ffffff;
+                               (*priority_cache)->additional_verify_flags |= GNUTLS_VFLAGS_TO_PROFILE(GNUTLS_PROFILE_LEGACY);
+                       } else if (strcasecmp(&broken_list[i][1],
+                                             "PROFILE_NORMAL") == 0) {
+                               (*priority_cache)->additional_verify_flags &= 0x00ffffff;
+                               (*priority_cache)->additional_verify_flags |= GNUTLS_VFLAGS_TO_PROFILE(GNUTLS_PROFILE_NORMAL);
+                       } else if (strcasecmp(&broken_list[i][1],
+                                             "PROFILE_HIGH") == 0) {
+                               (*priority_cache)->additional_verify_flags &= 0x00ffffff;
+                               (*priority_cache)->additional_verify_flags |= GNUTLS_VFLAGS_TO_PROFILE(GNUTLS_PROFILE_HIGH);
+                       } else if (strcasecmp(&broken_list[i][1],
+                                             "PROFILE_ULTRA") == 0) {
+                               (*priority_cache)->additional_verify_flags &= 0x00ffffff;
+                               (*priority_cache)->additional_verify_flags |= GNUTLS_VFLAGS_TO_PROFILE(GNUTLS_PROFILE_ULTRA);
+                       } else if (strcasecmp(&broken_list[i][1],
+                                             "PROFILE_SUITEB128") == 0) {
+                               (*priority_cache)->additional_verify_flags &= 0x00ffffff;
+                               (*priority_cache)->additional_verify_flags |= GNUTLS_VFLAGS_TO_PROFILE(GNUTLS_PROFILE_SUITEB128);
+                       } else if (strcasecmp(&broken_list[i][1],
+                                             "PROFILE_SUITEB192") == 0) {
+                               (*priority_cache)->additional_verify_flags &= 0x00ffffff;
+                               (*priority_cache)->additional_verify_flags |= GNUTLS_VFLAGS_TO_PROFILE(GNUTLS_PROFILE_SUITEB192);
                        } else if (strcasecmp(&broken_list[i][1],
                                              "NEW_PADDING") == 0) {
                                (*priority_cache)->new_record_padding = 1;