You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
70 lines
2.1 KiB
70 lines
2.1 KiB
5 years ago
|
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
|
||
|
|
index c5998abe6..f3e19105f 100644
|
||
|
|
--- a/lib/gnutls_priority.c
|
||
|
|
+++ b/lib/gnutls_priority.c
|
||
|
|
@@ -491,8 +491,6 @@ static const int sign_priority_secure192[] = {
|
||
|
|
|
||
|
|
static const int mac_priority_normal_default[] = {
|
||
|
|
GNUTLS_MAC_SHA1,
|
||
|
|
- GNUTLS_MAC_SHA256,
|
||
|
|
- GNUTLS_MAC_SHA384,
|
||
|
|
GNUTLS_MAC_AEAD,
|
||
|
|
GNUTLS_MAC_MD5,
|
||
|
|
0
|
||
|
|
@@ -500,8 +498,6 @@ static const int mac_priority_normal_default[] = {
|
||
|
|
|
||
|
|
static const int mac_priority_normal_fips[] = {
|
||
|
|
GNUTLS_MAC_SHA1,
|
||
|
|
- GNUTLS_MAC_SHA256,
|
||
|
|
- GNUTLS_MAC_SHA384,
|
||
|
|
GNUTLS_MAC_AEAD,
|
||
|
|
0
|
||
|
|
};
|
||
|
|
@@ -530,15 +526,11 @@ static const int mac_priority_suiteb192[] = {
|
||
|
|
|
||
|
|
static const int mac_priority_secure128[] = {
|
||
|
|
GNUTLS_MAC_SHA1,
|
||
|
|
- GNUTLS_MAC_SHA256,
|
||
|
|
- GNUTLS_MAC_SHA384,
|
||
|
|
GNUTLS_MAC_AEAD,
|
||
|
|
0
|
||
|
|
};
|
||
|
|
|
||
|
|
static const int mac_priority_secure192[] = {
|
||
|
|
- GNUTLS_MAC_SHA256,
|
||
|
|
- GNUTLS_MAC_SHA384,
|
||
|
|
GNUTLS_MAC_AEAD,
|
||
|
|
0
|
||
|
|
};
|
||
|
|
diff --git a/tests/priorities.c b/tests/priorities.c
|
||
|
|
index f22b08b62..46221fcc0 100644
|
||
|
|
--- a/tests/priorities.c
|
||
|
|
+++ b/tests/priorities.c
|
||
|
|
@@ -100,18 +100,18 @@ try_prio(const char *prio, unsigned expected_cs, unsigned expected_ciphers)
|
||
|
|
|
||
|
|
void doit(void)
|
||
|
|
{
|
||
|
|
- const int normal = 61;
|
||
|
|
- const int null = 5;
|
||
|
|
- const int sec128 = 56;
|
||
|
|
+ const int normal = 41;
|
||
|
|
+ const int null = 4;
|
||
|
|
+ const int sec128 = 36;
|
||
|
|
|
||
|
|
try_prio("NORMAL", normal, 9);
|
||
|
|
try_prio("NORMAL:-MAC-ALL:+MD5:+MAC-ALL", normal, 9);
|
||
|
|
try_prio("NORMAL:+CIPHER-ALL", normal, 9); /* all (except null) */
|
||
|
|
try_prio("NORMAL:-CIPHER-ALL:+NULL", null, 1); /* null */
|
||
|
|
try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL", normal + null, 10); /* should be null + all */
|
||
|
|
- try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 10, 1); /* should be null + all */
|
||
|
|
+ try_prio("NORMAL:-CIPHER-ALL:+NULL:+CIPHER-ALL:-CIPHER-ALL:+AES-128-CBC", 5, 1);
|
||
|
|
try_prio("PERFORMANCE", normal, 9);
|
||
|
|
- try_prio("SECURE256", 20, 4);
|
||
|
|
+ try_prio("SECURE256", 10, 4);
|
||
|
|
try_prio("SECURE128", sec128, 8);
|
||
|
|
try_prio("SECURE128:+SECURE256", sec128, 8); /* should be the same as SECURE128 */
|
||
|
|
try_prio("SECURE128:+SECURE256:+NORMAL", normal, 9); /* should be the same as NORMAL */
|
||
|
|
--
|
||
|
|
2.14.3
|
||
|
|
|