interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'develop' into my-develop

This commit is contained in:
Jim Hague 2020-03-05 13:25:24 +00:00
parent 252d68e67a 9baf655a7b
commit 0078977ada
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/gnutls/tls.c
View File

@ -5,7 +5,7 @@
*/ */
/* /*
* Copyright (c) 2018-2019, NLnet Labs * Copyright (c) 2018-2020, NLnet Labs
* All rights reserved. * All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
@ -102,7 +102,7 @@ static int set_connection_ciphers(_getdns_tls_connection* conn)
char* pri = NULL; char* pri = NULL;
int res; int res;
pri = getdns_priappend(conn->mfs, pri, "NONE:+COMP-ALL:+SIGN-RSA-SHA384"); pri = getdns_priappend(conn->mfs, pri, "NONE:+COMP-ALL:+SIGN-ALL");
if (conn->cipher_suites) if (conn->cipher_suites)
pri = getdns_priappend(conn->mfs, pri, conn->cipher_suites); pri = getdns_priappend(conn->mfs, pri, conn->cipher_suites);
@ -119,7 +119,11 @@ static int set_connection_ciphers(_getdns_tls_connection* conn)
else if (conn->ctx->curve_list) else if (conn->ctx->curve_list)
pri = getdns_priappend(conn->mfs, pri, conn->ctx->curve_list); pri = getdns_priappend(conn->mfs, pri, conn->ctx->curve_list);
else else
#if GNUTLS_VERSION_NUMBER >= 0x030605
pri = getdns_priappend(conn->mfs, pri, "+GROUP-EC-ALL");
#else
pri = getdns_priappend(conn->mfs, pri, "+CURVE-ALL"); pri = getdns_priappend(conn->mfs, pri, "+CURVE-ALL");
#endif
gnutls_protocol_t min = conn->min_tls; gnutls_protocol_t min = conn->min_tls;
gnutls_protocol_t max = conn->max_tls; gnutls_protocol_t max = conn->max_tls;