[glib-networking/wip/nacho/openssl: 14/14] openssl: use PROFILE=SYSTEM as default cipher list
- From: Ignacio Casal Quinteiro <icq src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/wip/nacho/openssl: 14/14] openssl: use PROFILE=SYSTEM as default cipher list
- Date: Wed, 19 Sep 2018 15:35:29 +0000 (UTC)
commit c361f1d4f446c3a9ea4d01c25a1ed485d281885f
Author: Ignacio Casal Quinteiro <icq gnome org>
Date: Tue Sep 18 18:22:42 2018 +0200
openssl: use PROFILE=SYSTEM as default cipher list
This is the requirement on fedora so let's just use it
if we have a newly enough openssl
tls/openssl/gtlsclientconnection-openssl.c | 6 +++++-
tls/openssl/gtlsserverconnection-openssl.c | 8 ++++++--
2 files changed, 11 insertions(+), 3 deletions(-)
---
diff --git a/tls/openssl/gtlsclientconnection-openssl.c b/tls/openssl/gtlsclientconnection-openssl.c
index b1560c1..61fd2be 100644
--- a/tls/openssl/gtlsclientconnection-openssl.c
+++ b/tls/openssl/gtlsclientconnection-openssl.c
@@ -35,7 +35,11 @@
#include "gtlscertificate-openssl.h"
#include <glib/gi18n-lib.h>
-#define DEFAULT_CIPHER_LIST "HIGH:!DSS:!aNULL@STRENGTH"
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
+# define DEFAULT_CIPHER_LIST "HIGH:!DSS:!aNULL@STRENGTH"
+#else
+# define DEFAULT_CIPHER_LIST "PROFILE=SYSTEM"
+#endif
typedef struct _GTlsClientConnectionOpensslPrivate
{
diff --git a/tls/openssl/gtlsserverconnection-openssl.c b/tls/openssl/gtlsserverconnection-openssl.c
index 6a99574..2a3d66b 100644
--- a/tls/openssl/gtlsserverconnection-openssl.c
+++ b/tls/openssl/gtlsserverconnection-openssl.c
@@ -30,6 +30,12 @@
#include "openssl-include.h"
#include <glib/gi18n-lib.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER)
+# define DEFAULT_CIPHER_LIST "HIGH:!DSS:!aNULL@STRENGTH"
+#else
+# define DEFAULT_CIPHER_LIST "PROFILE=SYSTEM"
+#endif
+
typedef struct _GTlsServerConnectionOpensslPrivate
{
GTlsAuthenticationMode authentication_mode;
@@ -44,8 +50,6 @@ enum
PROP_AUTHENTICATION_MODE
};
-#define DEFAULT_CIPHER_LIST "HIGH:!DSS:!aNULL@STRENGTH"
-
static void g_tls_server_connection_openssl_initable_interface_init (GInitableIface *iface);
static void g_tls_server_connection_openssl_server_connection_interface_init (GTlsServerConnectionInterface
*iface);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]