Commit 7986cb4a authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont

GnuTLS: add larger SHAs

parent 245269e9
...@@ -5404,7 +5404,7 @@ AC_ARG_ENABLE(gnutls, ...@@ -5404,7 +5404,7 @@ AC_ARG_ENABLE(gnutls,
[ --enable-gnutls gnutls TLS/SSL support (default enabled)]) [ --enable-gnutls gnutls TLS/SSL support (default enabled)])
AS_IF([test "${enable_gnutls}" != "no"], [ AS_IF([test "${enable_gnutls}" != "no"], [
PKG_CHECK_MODULES(GNUTLS, [gnutls >= 1.3.3], [ PKG_CHECK_MODULES(GNUTLS, [gnutls >= 1.7.4], [
VLC_ADD_PLUGIN([gnutls]) VLC_ADD_PLUGIN([gnutls])
VLC_ADD_CFLAGS([gnutls], [$GNUTLS_CFLAGS]) VLC_ADD_CFLAGS([gnutls], [$GNUTLS_CFLAGS])
AS_IF([test "${SYS}" = "mingw32"], [ AS_IF([test "${SYS}" = "mingw32"], [
......
...@@ -420,6 +420,7 @@ gnutls_SessionPrioritize (vlc_object_t *obj, gnutls_session_t session) ...@@ -420,6 +420,7 @@ gnutls_SessionPrioritize (vlc_object_t *obj, gnutls_session_t session)
/* Note that ordering matters (on the client side) */ /* Note that ordering matters (on the client side) */
static const int protos[] = static const int protos[] =
{ {
/*GNUTLS_TLS1_2, as of GnuTLS 2.6.5, still not ratified */
GNUTLS_TLS1_1, GNUTLS_TLS1_1,
GNUTLS_TLS1_0, GNUTLS_TLS1_0,
GNUTLS_SSL3, GNUTLS_SSL3,
...@@ -433,6 +434,9 @@ gnutls_SessionPrioritize (vlc_object_t *obj, gnutls_session_t session) ...@@ -433,6 +434,9 @@ gnutls_SessionPrioritize (vlc_object_t *obj, gnutls_session_t session)
}; };
static const int macs[] = static const int macs[] =
{ {
GNUTLS_MAC_SHA512,
GNUTLS_MAC_SHA384,
GNUTLS_MAC_SHA256,
GNUTLS_MAC_SHA1, GNUTLS_MAC_SHA1,
GNUTLS_MAC_RMD160, // RIPEMD GNUTLS_MAC_RMD160, // RIPEMD
GNUTLS_MAC_MD5, GNUTLS_MAC_MD5,
...@@ -446,6 +450,7 @@ gnutls_SessionPrioritize (vlc_object_t *obj, gnutls_session_t session) ...@@ -446,6 +450,7 @@ gnutls_SessionPrioritize (vlc_object_t *obj, gnutls_session_t session)
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_AES_128_CBC,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_3DES_CBC,
GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_CIPHER_ARCFOUR_128,
// TODO? Camellia ciphers?
//GNUTLS_CIPHER_DES_CBC, //GNUTLS_CIPHER_DES_CBC,
//GNUTLS_CIPHER_ARCFOUR_40, //GNUTLS_CIPHER_ARCFOUR_40,
//GNUTLS_CIPHER_RC2_40_CBC, //GNUTLS_CIPHER_RC2_40_CBC,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment