wok annotate openvas-client/stuff/gnutls.2.2.u @ rev 25076

Up marlin (886)
author Pascal Bellard <pascal.bellard@slitaz.org>
date Tue Jun 14 08:17:07 2022 +0000 (2022-06-14)
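--- a/openvas-client-3.0.1/openvas/openvas-client.c
+++ b/openvas-client-3.0.1/openvas/openvas-client.c
@@ -466,89 +466,26 @@
 static void
 set_gnutls_sslv23 (gnutls_session_t session)
 {
- static int protocol_priority[] = {GNUTLS_TLS1,
- GNUTLS_SSL3,
- 0};
- static int cipher_priority[] = {GNUTLS_CIPHER_AES_128_CBC,
- GNUTLS_CIPHER_3DES_CBC,
- GNUTLS_CIPHER_AES_256_CBC,
- GNUTLS_CIPHER_ARCFOUR_128,
- 0};
- static int comp_priority[] = {GNUTLS_COMP_ZLIB,
- GNUTLS_COMP_NULL,
- 0};
- static int kx_priority[] = {GNUTLS_KX_DHE_RSA,
- GNUTLS_KX_RSA,
- GNUTLS_KX_DHE_DSS,
- 0};
- static int mac_priority[] = {GNUTLS_MAC_SHA1,
- GNUTLS_MAC_MD5,
- 0};
-
- gnutls_protocol_set_priority(session, protocol_priority);
- gnutls_cipher_set_priority(session, cipher_priority);
- gnutls_compression_set_priority(session, comp_priority);
- gnutls_kx_set_priority (session, kx_priority);
- gnutls_mac_set_priority(session, mac_priority);
+ // gnutls 2.2.0+
+ return gnutls_priority_set_direct(session,
+ "NONE:+VERS-TLS1:+VERS-SSL3:+AES_128_CBC:+3DES_CBC:+AES_256_CBC:+ARCFOUR_128:+COMP_ZLIB:+COMP_NULL:+DHE_RSA:+RSA:+DHE_DSS:+SHA1:+MD5", NULL);
 }
 
 
 static void
 set_gnutls_sslv3(gnutls_session_t session)
 {
- static int protocol_priority[] = {GNUTLS_SSL3,
- 0};
- static int cipher_priority[] = {GNUTLS_CIPHER_3DES_CBC,
- GNUTLS_CIPHER_ARCFOUR_128,
- 0};
- static int comp_priority[] = {GNUTLS_COMP_ZLIB,
- GNUTLS_COMP_NULL,
- 0};
-
- static int kx_priority[] = {GNUTLS_KX_DHE_RSA,
- GNUTLS_KX_RSA,
- GNUTLS_KX_DHE_DSS,
- GNUTLS_KX_ANON_DH,
- 0};
-
- static int mac_priority[] = {GNUTLS_MAC_SHA1,
- GNUTLS_MAC_MD5,
- 0};
-
- gnutls_protocol_set_priority(session, protocol_priority);
- gnutls_cipher_set_priority(session, cipher_priority);
- gnutls_compression_set_priority(session, comp_priority);
- gnutls_kx_set_priority (session, kx_priority);
- gnutls_mac_set_priority(session, mac_priority);
+ // gnutls 2.2.0+
+ return gnutls_priority_set_direct(session,
+ "NONE:+VERS-SSL3:+3DES_CBC:+ARCFOUR_128:+COMP_ZLIB:+COMP_NULL:+DHE_RSA:+RSA:+DHE_DSS:+ANON_DH:+SHA1:+MD5", NULL);
 }
 
 static void
 set_gnutls_tlsv1(gnutls_session_t session)
 {
- static int protocol_priority[] = {GNUTLS_TLS1,
- 0};
- static int cipher_priority[] = {GNUTLS_CIPHER_AES_128_CBC,
- GNUTLS_CIPHER_3DES_CBC,
- GNUTLS_CIPHER_AES_256_CBC,
- GNUTLS_CIPHER_ARCFOUR_128,
- 0};
- static int comp_priority[] = {GNUTLS_COMP_ZLIB,
- GNUTLS_COMP_NULL,
- 0};
- static int kx_priority[] = {GNUTLS_KX_DHE_RSA,
- GNUTLS_KX_RSA,
- GNUTLS_KX_DHE_DSS,
- GNUTLS_KX_ANON_DH,
- 0};
- static int mac_priority[] = {GNUTLS_MAC_SHA1,
- GNUTLS_MAC_MD5,
- 0};
-
- gnutls_protocol_set_priority(session, protocol_priority);
- gnutls_cipher_set_priority(session, cipher_priority);
- gnutls_compression_set_priority(session, comp_priority);
- gnutls_kx_set_priority (session, kx_priority);
- gnutls_mac_set_priority(session, mac_priority);
+ // gnutls 2.2.0+
+ return gnutls_priority_set_direct(session,
+ "NONE:+VERS-TLS1:+AES_128_CBC:+3DES_CBC:+AES_256_CBC:+ARCFOUR_128:+COMP_ZLIB:+COMP_NULL:+DHE_RSA:+RSA:+DHE_DSS:+ANON_DH:+SHA1:+MD5", NULL);
 }
 
 
@@ -698,7 +635,6 @@
 #endif
 gnutls_session_t ssl = NULL;
 gnutls_certificate_credentials_t certcred = NULL;
- int certprio[2] = { GNUTLS_CRT_X509, 0 };
 
 const char *cert, *key, *client_ca, *trusted_ca, *ssl_ver;
 int use_client_cert = prefs_get_int(context, "use_client_cert");
@@ -868,7 +804,7 @@
 
 if(use_client_cert)
 {
- rc = gnutls_certificate_type_set_priority (ssl, certprio);
+ rc = gnutls_set_default_priority (ssl);
 if (rc)
 {
 gnutls_deinit (ssl);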
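Review bot: In the first hunk, set_gnutls_sslv23, set_gnutls_sslv3 and set_gnutls_tlsv1 are still declared `static void` but now end in `return gnutls_priority_set_direct(...)`, which is a constraint violation in C and discards the status code. If the priority string fails to parse, the caller cannot tell and the session is left with whatever priorities it already had, so the result should be captured and checked, e.g. `int rc = gnutls_priority_set_direct(session, prio, NULL);` followed by `if (rc != GNUTLS_E_SUCCESS)` and an error report, or the helpers should return `int` and be tested at their call sites, which are outside these hunks. This matters here because the tokens are written with underscores and as `VERS-TLS1` and `COMP_ZLIB`, whereas the GnuTLS priority syntax as I know it uses forms such as `AES-128-CBC`, `DHE-RSA` and `VERS-TLS1.0`; that should be confirmed against the GnuTLS version being built. Separately, in the third hunk `gnutls_set_default_priority (ssl)` appears to replace the whole priority set rather than only the certificate type, so if the helpers run before it the SSLv3/TLSv1 restriction may be lost whenever `use_client_cert` is set.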