From: Nikos Mavrogiannopoulos Date: Wed, 19 Dec 2012 14:04:36 +0000 (+0200) Subject: NEW_RECORD_PADDING priority string was renamed to RANDOM_PADDING X-Git-Tag: gnutls_3_1_7~134 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=175d9674d01a4f59403fd4e87ab6ef12f228c0f0;p=thirdparty%2Fgnutls.git NEW_RECORD_PADDING priority string was renamed to RANDOM_PADDING --- diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index c1fc6334f0..bf4ab617c7 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -1002,6 +1002,11 @@ This is the default. @item %LATEST_RECORD_VERSION @tab will use the latest TLS version record version in client hello. +@item %RANDOM_PADDING @tab +will use random padding to all sent TLS records. This is negotiated +using an extension. Use @funcref{gnutls_record_get_random_padding_status} +to check whether this has been negotiated in the current session. + @end multitable @caption{Special priority string keywords.} @end float diff --git a/lib/ext/new_record_padding.c b/lib/ext/new_record_padding.c index 71089f9270..2b1da1414a 100644 --- a/lib/ext/new_record_padding.c +++ b/lib/ext/new_record_padding.c @@ -131,14 +131,14 @@ int ret; /** - * gnutls_record_get_new_padding: + * gnutls_record_get_random_padding_status: * @session: is a #gnutls_session_t structure. * * Returns: non-zero if the new padding scheme is enabled. * **/ int -gnutls_record_get_new_padding (gnutls_session_t session) +gnutls_record_get_random_padding_status (gnutls_session_t session) { return session->security_parameters.new_record_padding; } diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index fcf13e3bc5..645d6d5b10 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -1037,7 +1037,7 @@ gnutls_priority_init (gnutls_priority_t * priority_cache, (*priority_cache)->server_precedence = 1; } else if (strcasecmp (&broken_list[i][1], - "NEW_RECORD_PADDING") == 0) + "RANDOM_PADDING") == 0) { (*priority_cache)->new_record_padding = 1; } diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index d602a918b6..2b7b706b84 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -900,7 +900,7 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); size_t gnutls_record_get_max_size (gnutls_session_t session); ssize_t gnutls_record_set_max_size (gnutls_session_t session, size_t size); - int gnutls_record_get_new_padding (gnutls_session_t session); + int gnutls_record_get_random_padding_status (gnutls_session_t session); size_t gnutls_record_check_pending (gnutls_session_t session); diff --git a/tests/mini-record.c b/tests/mini-record.c index b259728df3..48cd5ebfb7 100644 --- a/tests/mini-record.c +++ b/tests/mini-record.c @@ -397,9 +397,9 @@ static void start (const char* prio) #define AES_CBC_SHA256 "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" #define AES_GCM "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -#define NEW_AES_CBC "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%NEW_RECORD_PADDING" -#define NEW_AES_CBC_SHA256 "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%NEW_RECORD_PADDING" -#define NEW_AES_GCM "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%NEW_RECORD_PADDING" +#define NEW_AES_CBC "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%RANDOM_PADDING" +#define NEW_AES_CBC_SHA256 "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%RANDOM_PADDING" +#define NEW_AES_GCM "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%RANDOM_PADDING" static void ch_handler(int sig) {