From: Simon Josefsson Date: Tue, 13 Apr 2010 20:14:10 +0000 (+0200) Subject: Doc fixes. X-Git-Tag: gnutls_2_9_10~20 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d20cd80b62148c37bc60c2c70cfa5700a81d48d1;p=thirdparty%2Fgnutls.git Doc fixes. --- diff --git a/NEWS b/NEWS index 399b9d24b5..2825268575 100644 --- a/NEWS +++ b/NEWS @@ -64,30 +64,31 @@ Daniel Nylander, Sergio Zanchetta, Tao Wei, and Aron Xu. ** doc: The GTK-DOC manual is significantly improved. ** API and ABI modifications: -gnutls_certificate_set_verify_function: Added -gnutls_safe_renegotiation_status: Added -gnutls_cipher_decrypt: Added -gnutls_cipher_deinit: Added -gnutls_cipher_encrypt: Added -gnutls_cipher_get_block_size: Added -gnutls_cipher_init: Added -gnutls_hash: Added -gnutls_hash_deinit: Added -gnutls_hash_fast: Added -gnutls_hash_get_len: Added -gnutls_hash_init: Added -gnutls_hash_output: Added -gnutls_hmac: Added -gnutls_hmac_deinit: Added -gnutls_hmac_fast: Added -gnutls_hmac_get_len: Added -gnutls_hmac_init: Added -gnutls_hmac_output: Added -gnutls_safe_negotiation_set_initial: Added -gnutls_safe_renegotiation_set: Added +gnutls_certificate_set_verify_function: ADDED. +gnutls_safe_renegotiation_status: ADDED. +gnutls_cipher_decrypt: ADDED. +gnutls_cipher_deinit: ADDED. +gnutls_cipher_encrypt: ADDED. +gnutls_cipher_get_block_size: ADDED. +gnutls_cipher_init: ADDED. +gnutls_hash: ADDED. +gnutls_hash_deinit: ADDED. +gnutls_hash_fast: ADDED. +gnutls_hash_get_len: ADDED. +gnutls_hash_init: ADDED. +gnutls_hash_output: ADDED. +gnutls_hmac: ADDED. +gnutls_hmac_deinit: ADDED. +gnutls_hmac_fast: ADDED. +gnutls_hmac_get_len: ADDED. +gnutls_hmac_init: ADDED. +gnutls_hmac_output: ADDED. +gnutls_safe_negotiation_set_initial: ADDED. +gnutls_safe_renegotiation_set: ADDED. %UNSAFE_RENEGOTIATION: Added to priority strings %INITIAL_SAFE_RENEGOTIATION: Added to priority strings %DISABLE_SAFE_RENEGOTIATION: Added to priority strings (do not use) +GNUTLS_VERSION_MAX: Added. * Version 2.9.9 (released 2009-11-09) diff --git a/lib/ext_safe_renegotiation.c b/lib/ext_safe_renegotiation.c index 5cdc6d1d40..bb22a7121d 100644 --- a/lib/ext_safe_renegotiation.c +++ b/lib/ext_safe_renegotiation.c @@ -27,8 +27,8 @@ #include int -_gnutls_safe_renegotiation_recv_params (gnutls_session_t session, - const opaque * data, size_t _data_size) +_gnutls_safe_renegotiation_recv_params (gnutls_session_t session, + const opaque * data, size_t _data_size) { tls_ext_st *ext = &session->security_parameters.extensions; int len = data[0]; @@ -40,7 +40,7 @@ _gnutls_safe_renegotiation_recv_params (gnutls_session_t session, * not receive it on the initial negotiation. */ if (session->internals.initial_negotiation_completed != 0 && - session->internals.connection_using_safe_renegotiation == 0) + session->internals.connection_using_safe_renegotiation == 0) { gnutls_assert(); return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; @@ -58,7 +58,7 @@ _gnutls_safe_renegotiation_recv_params (gnutls_session_t session, /* "safe renegotiation received" means on *this* handshake; "connection using * safe renegotiation" means that the initial hello received on the connection - * indicated safe renegotiation. + * indicated safe renegotiation. */ session->internals.safe_renegotiation_received = 1; session->internals.connection_using_safe_renegotiation = 1; @@ -67,8 +67,8 @@ _gnutls_safe_renegotiation_recv_params (gnutls_session_t session, } int -_gnutls_safe_renegotiation_send_params (gnutls_session_t session, - opaque * data, size_t _data_size) +_gnutls_safe_renegotiation_send_params (gnutls_session_t session, + opaque * data, size_t _data_size) { /* The format of this extension is a one-byte length of verify data followed * by the verify data itself. Note that the length byte does not include @@ -78,7 +78,6 @@ _gnutls_safe_renegotiation_send_params (gnutls_session_t session, ssize_t data_size = _data_size; tls_ext_st *ext = &session->security_parameters.extensions; - if (session->internals.priorities.disable_safe_renegotiation != 0) { gnutls_assert(); @@ -89,7 +88,7 @@ _gnutls_safe_renegotiation_send_params (gnutls_session_t session, /* Always offer the extension if we're a client */ if (session->internals.connection_using_safe_renegotiation || - session->security_parameters.entity == GNUTLS_CLIENT) + session->security_parameters.entity == GNUTLS_CLIENT) { DECR_LEN (data_size, 1); data[0] = ext->client_verify_data_len; @@ -108,8 +107,8 @@ _gnutls_safe_renegotiation_send_params (gnutls_session_t session, if (ext->server_verify_data_len > 0) memcpy(&data[1 + ext->client_verify_data_len], - ext->server_verify_data, - ext->server_verify_data_len); + ext->server_verify_data, + ext->server_verify_data_len); } } else @@ -156,10 +155,13 @@ gnutls_safe_renegotiation_set (gnutls_session_t session, int value) * @session: is a #gnutls_session_t structure. * * Can be used to check whether safe renegotiation is being used - * in the current session. Returns 0 when not and non zero when - * used. + * in the current session. + * + * Returns: 0 when safe renegotiation is not used and non zero when + * safe renegotiation is used. **/ -int gnutls_safe_renegotiation_status (gnutls_session_t session) +int +gnutls_safe_renegotiation_status (gnutls_session_t session) { return session->internals.connection_using_safe_renegotiation; } diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c index ac506193d9..0e2faca607 100644 --- a/lib/gnutls_algorithms.c +++ b/lib/gnutls_algorithms.c @@ -483,155 +483,155 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_ARCFOUR_MD5, GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_KX_ANON_DH, GNUTLS_MAC_MD5, - GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), #ifdef ENABLE_CAMELLIA GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_128_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_256_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), #endif GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), /* PSK */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_ARCFOUR_SHA1, GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), /* DHE-PSK */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_ARCFOUR_SHA1, GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_DHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), /* SRP */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), /* DHE_DSS */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_ARCFOUR_SHA1, GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), #ifdef ENABLE_CAMELLIA GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), #endif GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), /* DHE_RSA */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), #ifdef ENABLE_CAMELLIA GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), #endif GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), /* RSA */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_MD5, GNUTLS_CIPHER_NULL, - GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5, GNUTLS_CIPHER_ARCFOUR_40, @@ -640,36 +640,36 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_SHA1, GNUTLS_CIPHER_ARCFOUR_128, - GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_MD5, GNUTLS_CIPHER_ARCFOUR_128, - GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, - GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), #ifdef ENABLE_CAMELLIA GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), #endif GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RENEGO_PROTECTION_REQUEST, GNUTLS_CIPHER_UNKNOWN, GNUTLS_KX_UNKNOWN, - GNUTLS_MAC_UNKNOWN, GNUTLS_SSL3, GNUTLS_TLS_MAX_VERSION), + GNUTLS_MAC_UNKNOWN, GNUTLS_SSL3, GNUTLS_VERSION_MAX), {0, {{0, 0}}, 0, 0, 0, 0, 0} }; diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 9754d40103..1db753410d 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -486,6 +486,7 @@ extern "C" { * @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0. * @GNUTLS_TLS1_1: TLS version 1.1. * @GNUTLS_TLS1_2: TLS version 1.2. + * @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version. * @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version. * * Enumeration of different SSL/TLS protocol versions. @@ -497,10 +498,9 @@ extern "C" { GNUTLS_TLS1 = GNUTLS_TLS1_0, GNUTLS_TLS1_1 = 3, GNUTLS_TLS1_2 = 4, - GNUTLS_TLS_END_VERSION, + GNUTLS_VERSION_MAX = GNUTLS_TLS1_2, GNUTLS_VERSION_UNKNOWN = 0xff } gnutls_protocol_t; -#define GNUTLS_TLS_MAX_VERSION (GNUTLS_TLS_END_VERSION-1) /** * gnutls_certificate_type_t: