disable PSK ciphers for now since they aren't implemented
SVN revision: 52565
This commit is contained in:
parent
fb977d72c4
commit
787b09464b
|
@ -304,15 +304,16 @@ _ecore_con_ssl_server_prepare_gnutls(Ecore_Con_Server *svr, int ssl_type)
|
|||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_dh_params_generate2(svr->dh_params, 1024));
|
||||
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_anon_allocate_server_credentials(&svr->anoncred_s));
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_psk_allocate_server_credentials(&svr->pskcred_s));
|
||||
/* TODO: implement PSK */
|
||||
// SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_psk_allocate_server_credentials(&svr->pskcred_s));
|
||||
|
||||
gnutls_anon_set_server_dh_params(svr->anoncred_s, svr->dh_params);
|
||||
gnutls_certificate_set_dh_params(svr->cert, svr->dh_params);
|
||||
gnutls_psk_set_server_dh_params(svr->pskcred_s, svr->dh_params);
|
||||
//gnutls_psk_set_server_dh_params(svr->pskcred_s, svr->dh_params);
|
||||
}
|
||||
else
|
||||
{
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_psk_allocate_client_credentials(&svr->pskcred_c));
|
||||
//SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_psk_allocate_client_credentials(&svr->pskcred_c));
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_anon_allocate_client_credentials(&svr->anoncred_c));
|
||||
}
|
||||
|
||||
|
@ -382,7 +383,7 @@ _ecore_con_ssl_server_init_gnutls(Ecore_Con_Server *svr)
|
|||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_set_default_priority(svr->session));
|
||||
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_credentials_set(svr->session, GNUTLS_CRD_CERTIFICATE, svr->cert));
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_credentials_set(svr->session, GNUTLS_CRD_PSK, svr->pskcred_c));
|
||||
//SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_credentials_set(svr->session, GNUTLS_CRD_PSK, svr->pskcred_c));
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_credentials_set(svr->session, GNUTLS_CRD_ANON, svr->anoncred_c));
|
||||
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_protocol_set_priority(svr->session, proto));
|
||||
|
@ -598,7 +599,7 @@ _ecore_con_ssl_client_init_gnutls(Ecore_Con_Client *cl)
|
|||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_compression_set_priority(cl->session, compress));
|
||||
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_credentials_set(cl->session, GNUTLS_CRD_ANON, cl->host_server->anoncred_s));
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_credentials_set(cl->session, GNUTLS_CRD_PSK, cl->host_server->pskcred_s));
|
||||
//SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_credentials_set(cl->session, GNUTLS_CRD_PSK, cl->host_server->pskcred_s));
|
||||
SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_credentials_set(cl->session, GNUTLS_CRD_CERTIFICATE, cl->host_server->cert));
|
||||
|
||||
gnutls_certificate_server_set_request(cl->session, GNUTLS_CERT_REQUEST);
|
||||
|
|
Loading…
Reference in New Issue