Priority strings
Ludovic Courtès
ludo at gnu.org
Wed Mar 2 00:02:48 CET 2011
Hi Nikos,
Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:
> You could use something like that:
> NONE:+VERS-TLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-DH
OK, thanks!
>> Besides, while the old method was more verbose, it allowed
>> programming errors to be spotted more easily (in the Guile bindings,
>> you would get a type error if trying to use a MAC name when setting
>> the cipher priority, for instance.) Could it coexist alongside
>> priority strings?
>
> No the old priority functions will be marked as deprecated and may be
> removed. I cannot understand though how the error you describe apply
> to that interface.
This is what I had in mind:
--8<---------------cut here---------------start------------->8---
scheme@(guile-user)> (define session (make-session connection-end/client))
scheme@(guile-user)> (set-session-mac-priority! session (list cipher/aes-128-cbc))
ERROR: In procedure set-session-mac-priority!:
ERROR: In procedure set-session-mac-priority!: Wrong type argument in position 2: #<gnutls-cipher-enum AES-128-CBC>
--8<---------------cut here---------------end--------------->8---
Priority strings are handy, but they are less expressive and make it
harder to diagnose programming errors, IMO.
Thanks,
Ludo’.
More information about the Gnutls-devel
mailing list