[libsoup] soup-gnutls: talk to servers even if they use really lame key lengths

From: Dan Winship <danw src gnome org>
To: commits-list gnome org
Cc:
Subject: [libsoup] soup-gnutls: talk to servers even if they use really lame key lengths
Date: Sat, 22 May 2010 21:13:16 +0000 (UTC)

commit f07043d9898259179cd2cf31949cb7b2bd96175b
Author: Dan Winship <danw gnome org>
Date:   Sat May 22 17:09:06 2010 -0400

    soup-gnutls: talk to servers even if they use really lame key lengths
    
    https://bugzilla.gnome.org/show_bug.cgi?id=615535

 libsoup/soup-gnutls.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)
---
diff --git a/libsoup/soup-gnutls.c b/libsoup/soup-gnutls.c
index 79211f5..cb0fbe5 100644
--- a/libsoup/soup-gnutls.c
+++ b/libsoup/soup-gnutls.c
@@ -486,6 +486,11 @@ soup_ssl_wrap_iochannel (GIOChannel *sock, gboolean non_blocking,
 
 	if (type == SOUP_SSL_TYPE_SERVER)
 		gnutls_dh_set_prime_bits (session, DH_BITS);
+	else {
+		// gnutls defaults to requiring at least 768-bit keys,
+		// but there are some lame servers out there...
+		gnutls_dh_set_prime_bits (session, 256);
+	}
 
 	chan = g_slice_new0 (SoupGNUTLSChannel);
 	chan->real_sock = sock;

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]