[gnutls-devel] GnuTLS | Compiled-in, yet unsupported by default, TLS versions (!1157)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue Jan 7 12:30:34 CET 2020




Dimitri John Ledkov commented on a discussion on lib/algorithms/protocols.c: https://gitlab.com/gnutls/gnutls/merge_requests/1157#note_268059807

>  	return GNUTLS_E_INVALID_REQUEST;
>  }
>  
> +int _gnutls_version_mark_supported(const char *name)
> +{
> +#ifndef DISABLE_SYSTEM_CONFIG
> +	version_entry_st *p;
> +
> +	for (p = sup_versions; p->name != NULL; p++)
> +		if (c_strcasecmp(p->name, name) == 0) {
> +			p->supported = 1;

Hm, that's not intended. Priority strings actually remove algos from the list, whilst mark_disabled does not. This thus will result in behaviour dependant on the ordering of "supported-version" and "disabled-version", which I do not like.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1157#note_268059807
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200107/cc4f57cf/attachment-0001.html>


More information about the Gnutls-devel mailing list