]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
projects / thirdparty / gnutls.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6d8dd07)
priority: add new GOST-ALL shortcut
authorDmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Wed, 8 Jan 2020 19:07:19 +0000 (22:07 +0300)
committerDmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Thu, 9 Jan 2020 23:22:44 +0000 (02:22 +0300)
Add GOST-ALL as an alias for CIPHER-GOST-ALL, MAC-GOST-ALL, KX-GOST-ALL,
SIGN-GOST-ALL and GROUP-GOST-ALL.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
doc/cha-gtls-app.texi patch | blob | blame | history
lib/priority.c patch | blob | blame | history

diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 47fd3bca652a18a30510d799d3a801effa0ac6f5..8471dab6cc94812bcaf16e4d8732e4bed87dcc7e 100644 (file)
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -1488,6 +1488,11 @@ CTYPE-CLI-RAWPK, CTYPE-SRV-RAWPK can be used to specialize on client or server;
 catch all is CTYPE-CLI-ALL and CTYPE-SRV-ALL. The type 'X509' is aliased to 'X.509'
 for legacy reasons.
 
+@item Generic @tab
+The keyword GOST is a shortcut for secure GOST algorithms (MACs, ciphers,
+KXes, groups and signatures). For example the following string will enable all
+TLS 1.2 GOST ciphersuites: 'NONE:+VERS-TLS1.2:+GOST'.
+
 @end multitable
 @caption{The supported algorithm keywords in priority strings.}
 @end float
diff --git a/lib/priority.c b/lib/priority.c
index 7b34ae9e525615d5d9029696b5d4ae226086d0db..d8df62ef1cedc8e08904a55ed17828b56bf8ff08 100644 (file)
--- a/lib/priority.c
+++ b/lib/priority.c
@@ -2217,6 +2217,18 @@ gnutls_priority_init(gnutls_priority_t * priority_cache,
                                        bulk_fn(&(*priority_cache)->_kx,
                                                        kx_priority_gost);
                                }
+                       } else if (c_strncasecmp
+                                (&broken_list[i][1], "GOST", 4) == 0) {
+                               bulk_given_fn(&(*priority_cache)->_supported_ecc,
+                                       _supported_groups_gost);
+                               bulk_fn(&(*priority_cache)->_sign_algo,
+                                       sign_priority_gost);
+                               bulk_fn(&(*priority_cache)->_mac,
+                                               mac_priority_gost);
+                               bulk_fn(&(*priority_cache)->_cipher,
+                                               cipher_priority_gost);
+                               bulk_fn(&(*priority_cache)->_kx,
+                                               kx_priority_gost);
                        } else
                                goto error;
                } else if (broken_list[i][0] == '%') {
Mirror of https://gitlab.com/gnutls/gnutls.git