SliTaz Repositories

1 --- openvas-client-3.0.1/openvas/openvas-client.c

2 +++ openvas-client-3.0.1/openvas/openvas-client.c

3 @@ -466,89 +466,26 @@

4 static void

5 set_gnutls_sslv23 (gnutls_session_t session)

6 {

7 - static int protocol_priority[] = {GNUTLS_TLS1,

8 - GNUTLS_SSL3,

9 - 0};

10 - static int cipher_priority[] = {GNUTLS_CIPHER_AES_128_CBC,

11 - GNUTLS_CIPHER_3DES_CBC,

12 - GNUTLS_CIPHER_AES_256_CBC,

13 - GNUTLS_CIPHER_ARCFOUR_128,

14 - 0};

15 - static int comp_priority[] = {GNUTLS_COMP_ZLIB,

16 - GNUTLS_COMP_NULL,

17 - 0};

18 - static int kx_priority[] = {GNUTLS_KX_DHE_RSA,

19 - GNUTLS_KX_RSA,

20 - GNUTLS_KX_DHE_DSS,

21 - 0};

22 - static int mac_priority[] = {GNUTLS_MAC_SHA1,

23 - GNUTLS_MAC_MD5,

24 - 0};

25 -

26 - gnutls_protocol_set_priority(session, protocol_priority);

27 - gnutls_cipher_set_priority(session, cipher_priority);

28 - gnutls_compression_set_priority(session, comp_priority);

29 - gnutls_kx_set_priority (session, kx_priority);

30 - gnutls_mac_set_priority(session, mac_priority);

31 + // gnutls 2.2.0+

32 + return gnutls_priority_set_direct(session,

33 + "NONE:+VERS-TLS1:+VERS-SSL3:+AES_128_CBC:+3DES_CBC:+AES_256_CBC:+ARCFOUR_128:+COMP_ZLIB:+COMP_NULL:+DHE_RSA:+RSA:+DHE_DSS:+SHA1:+MD5", NULL);

34 }

35

36

37 static void

38 set_gnutls_sslv3(gnutls_session_t session)

39 {

40 - static int protocol_priority[] = {GNUTLS_SSL3,

41 - 0};

42 - static int cipher_priority[] = {GNUTLS_CIPHER_3DES_CBC,

43 - GNUTLS_CIPHER_ARCFOUR_128,

44 - 0};

45 - static int comp_priority[] = {GNUTLS_COMP_ZLIB,

46 - GNUTLS_COMP_NULL,

47 - 0};

48 -

49 - static int kx_priority[] = {GNUTLS_KX_DHE_RSA,

50 - GNUTLS_KX_RSA,

51 - GNUTLS_KX_DHE_DSS,

52 - GNUTLS_KX_ANON_DH,

53 - 0};

54 -

55 - static int mac_priority[] = {GNUTLS_MAC_SHA1,

56 - GNUTLS_MAC_MD5,

57 - 0};

58 -

59 - gnutls_protocol_set_priority(session, protocol_priority);

60 - gnutls_cipher_set_priority(session, cipher_priority);

61 - gnutls_compression_set_priority(session, comp_priority);

62 - gnutls_kx_set_priority (session, kx_priority);

63 - gnutls_mac_set_priority(session, mac_priority);

64 + // gnutls 2.2.0+

65 + return gnutls_priority_set_direct(session,

66 + "NONE:+VERS-SSL3:+3DES_CBC:+ARCFOUR_128:+COMP_ZLIB:+COMP_NULL:+DHE_RSA:+RSA:+DHE_DSS:+ANON_DH:+SHA1:+MD5", NULL);

67 }

68

69 static void

70 set_gnutls_tlsv1(gnutls_session_t session)

71 {

72 - static int protocol_priority[] = {GNUTLS_TLS1,

73 - 0};

74 - static int cipher_priority[] = {GNUTLS_CIPHER_AES_128_CBC,

75 - GNUTLS_CIPHER_3DES_CBC,

76 - GNUTLS_CIPHER_AES_256_CBC,

77 - GNUTLS_CIPHER_ARCFOUR_128,

78 - 0};

79 - static int comp_priority[] = {GNUTLS_COMP_ZLIB,

80 - GNUTLS_COMP_NULL,

81 - 0};

82 - static int kx_priority[] = {GNUTLS_KX_DHE_RSA,

83 - GNUTLS_KX_RSA,

84 - GNUTLS_KX_DHE_DSS,

85 - GNUTLS_KX_ANON_DH,

86 - 0};

87 - static int mac_priority[] = {GNUTLS_MAC_SHA1,

88 - GNUTLS_MAC_MD5,

89 - 0};

90 -

91 - gnutls_protocol_set_priority(session, protocol_priority);

92 - gnutls_cipher_set_priority(session, cipher_priority);

93 - gnutls_compression_set_priority(session, comp_priority);

94 - gnutls_kx_set_priority (session, kx_priority);

95 - gnutls_mac_set_priority(session, mac_priority);

96 + // gnutls 2.2.0+

97 + return gnutls_priority_set_direct(session,

98 + "NONE:+VERS-TLS1:+AES_128_CBC:+3DES_CBC:+AES_256_CBC:+ARCFOUR_128:+COMP_ZLIB:+COMP_NULL:+DHE_RSA:+RSA:+DHE_DSS:+ANON_DH:+SHA1:+MD5", NULL);

99 }

100

101

102 @@ -698,7 +635,6 @@

103 #endif

104 gnutls_session_t ssl = NULL;

105 gnutls_certificate_credentials_t certcred = NULL;

106 - int certprio[2] = { GNUTLS_CRT_X509, 0 };

107

108 const char *cert, *key, *client_ca, *trusted_ca, *ssl_ver;

109 int use_client_cert = prefs_get_int(context, "use_client_cert");

110 @@ -868,7 +804,7 @@

111

112 if(use_client_cert)

113 {

114 - rc = gnutls_certificate_type_set_priority (ssl, certprio);

115 + rc = gnutls_set_default_priority (ssl);

116 if (rc)

117 {

118 gnutls_deinit (ssl);