interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #465 from banburybill/develop 

Relax GnuTLS priority strings slightly to allow getdns to work with T…
This commit is contained in:
Willem Toorop 2020-03-05 14:52:55 +01:00 committed by GitHub
parent 6972c99268 9baf655a7b
commit 2c51db610a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/gnutls/tls.c
View File

@ -5,7 +5,7 @@
*/ */
/* /*
* Copyright (c) 2018-2019, NLnet Labs * Copyright (c) 2018-2020, NLnet Labs
* All rights reserved. * All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
@ -102,7 +102,7 @@ static int set_connection_ciphers(_getdns_tls_connection* conn)
char* pri = NULL; char* pri = NULL;
int res; int res;
pri = getdns_priappend(conn->mfs, pri, "NONE:+COMP-ALL:+SIGN-RSA-SHA384"); pri = getdns_priappend(conn->mfs, pri, "NONE:+COMP-ALL:+SIGN-ALL");
if (conn->cipher_suites) if (conn->cipher_suites)
pri = getdns_priappend(conn->mfs, pri, conn->cipher_suites); pri = getdns_priappend(conn->mfs, pri, conn->cipher_suites);
@ -119,7 +119,11 @@ static int set_connection_ciphers(_getdns_tls_connection* conn)
else if (conn->ctx->curve_list) else if (conn->ctx->curve_list)
pri = getdns_priappend(conn->mfs, pri, conn->ctx->curve_list); pri = getdns_priappend(conn->mfs, pri, conn->ctx->curve_list);
else else
#if GNUTLS_VERSION_NUMBER >= 0x030605
pri = getdns_priappend(conn->mfs, pri, "+GROUP-EC-ALL");
#else
pri = getdns_priappend(conn->mfs, pri, "+CURVE-ALL"); pri = getdns_priappend(conn->mfs, pri, "+CURVE-ALL");
#endif
gnutls_protocol_t min = conn->min_tls; gnutls_protocol_t min = conn->min_tls;
gnutls_protocol_t max = conn->max_tls; gnutls_protocol_t max = conn->max_tls;