[glib-networking/mcatanzaro/gnutls-ciphersuite-name] gnutls: use new ciphersuite name functions, when available




commit da0481fa2500a958db3b1078c510ccfea4697d2f
Author: Michael Catanzaro <mcatanzaro redhat com>
Date:   Sat Jan 15 13:32:48 2022 -0600

    gnutls: use new ciphersuite name functions, when available
    
    This allows us to return IANA-style ciphersuite names instead of the
    custom GnuTLS ciphersuite names.
    
    See: https://gitlab.com/gnutls/gnutls/-/merge_requests/1513

 tls/gnutls/gtlsconnection-gnutls.c | 51 ++++++++++++++++++++++++++++++--------
 1 file changed, 41 insertions(+), 10 deletions(-)
---
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index 387f14d3..6219ee69 100644
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -1096,20 +1096,36 @@ glib_protocol_version_from_gnutls (gnutls_protocol_t protocol_version)
 }
 
 static gchar *
-get_ciphersuite_name (gnutls_session_t session)
+get_ciphersuite_name_tls_1_2_or_older (gnutls_session_t session)
 {
-  gnutls_protocol_t protocol_version = gnutls_protocol_get_version (session);
+  const char *cipher_name;
+
+  cipher_name = gnutls_cipher_suite_get_name (gnutls_kx_get (session),
+                                              gnutls_cipher_get (session),
+                                              gnutls_mac_get (session));
+
+#if GTLS_GNUTLS_CHECK_VERSION(3, 7, 3)
+  return gnutls_cipher_suite_name_to_iana (cipher_name);
+#else
+  return g_strdup (cipher_name);
+#endif
+}
+
+static gchar *
+get_ciphersuite_name_tls_1_3_or_newer (gnutls_session_t session)
+{
+#if GTLS_GNUTLS_CHECK_VERSION(3, 7, 3)
+  const char *cipher_name;
+
+  cipher_name = gnutls_cipher_suite_get_name2 (GNUTLS_KX_UNKNOWN,
+                                               gnutls_cipher_get (session),
+                                               gnutls_mac_get (session),
+                                               gnutls_prf_hash_get (session));
+  return g_strdup (gnutls_cipher_suite_name_to_iana (cipher_name));
+#else
   char *cipher_name;
   char *result;
 
-  if (protocol_version <= GNUTLS_TLS1_2 ||
-      (protocol_version >= GNUTLS_DTLS0_9 && protocol_version <= GNUTLS_DTLS1_2))
-    {
-      return g_strdup (gnutls_cipher_suite_get_name (gnutls_kx_get (session),
-                                                     gnutls_cipher_get (session),
-                                                     gnutls_mac_get (session)));
-    }
-
   cipher_name = g_strdup (gnutls_cipher_get_name (gnutls_cipher_get (session)));
   for (char *c = cipher_name; *c != '\0'; c++)
     {
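Review bot: The two new helpers disagree on who owns the string returned by gnutls_cipher_suite_name_to_iana(): the TLS 1.2 helper returns it directly (`return gnutls_cipher_suite_name_to_iana (cipher_name);`) while the TLS 1.3 helper wraps the same call in g_strdup(). The pre-3.7.3 branches return g_strdup() copies, so the caller presumably frees the result. If the GnuTLS function returns a static string, the 1.2 path hands a non-heap pointer to that free, and if it returns an allocation, the 1.3 path leaks it. Check the GnuTLS contract and use one form in both helpers, most likely `return g_strdup (gnutls_cipher_suite_name_to_iana (cipher_name));`, and confirm that a NULL cipher_name is accepted, since neither helper checks it before the conversion. The body of get_ciphersuite_name_tls_1_3_or_newer continues past the end of this hunk.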
@@ -1123,6 +1139,21 @@ get_ciphersuite_name (gnutls_session_t session)
   g_free (cipher_name);
 
   return result;
+#endif
+}
+
+static gchar *
+get_ciphersuite_name (gnutls_session_t session)
+{
+  gnutls_protocol_t protocol_version = gnutls_protocol_get_version (session);
+
+  if (protocol_version <= GNUTLS_TLS1_2 ||
+      (protocol_version >= GNUTLS_DTLS0_9 && protocol_version <= GNUTLS_DTLS1_2))
+    {
+      return get_ciphersuite_name_tls_1_2_or_older (session);
+    }
+
+  return get_ciphersuite_name_tls_1_3_or_newer (session);
 }
 
 static void
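Review bot: The version test in get_ciphersuite_name needs a comment explaining its second range, for example `/* DTLS versions are separate enum values numbered above the TLS ones, so they need their own range check. */`. As written, any value outside both ranges reaches get_ciphersuite_name_tls_1_3_or_newer, which would include GNUTLS_VERSION_UNKNOWN if this is ever called before a version has been negotiated. Whether that can happen depends on callers outside this diff; if it can, handle that value explicitly instead of treating it as TLS 1.3.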

