[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_11-37-gd8f9b98
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_11-37-gd8f9b98 |
|
Date: |
Thu, 12 Jan 2012 18:06:43 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=d8f9b98c129223b3b6d04483dba62c6afe9c92f0
The branch, master has been updated
via d8f9b98c129223b3b6d04483dba62c6afe9c92f0 (commit)
via 88ee54096697f4efabdbd96fcda32397d4ab34e7 (commit)
from 2ab2e5cd8acba95851461c880c5a57714a792d5b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d8f9b98c129223b3b6d04483dba62c6afe9c92f0
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Jan 12 19:10:37 2012 +0100
Documented ways to list the enabled ciphersuites.
commit 88ee54096697f4efabdbd96fcda32397d4ab34e7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Jan 12 09:26:59 2012 +0100
updated
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 1 +
doc/cha-gtls-app.texi | 9 +++++-
doc/cha-gtls-examples.texi | 9 ++++++
doc/cha-programs.texi | 15 ++++++++++
doc/examples/Makefile.am | 4 +-
doc/examples/print-ciphersuites.c | 52 +++++++++++++++++++++++++++++++++++++
6 files changed, 86 insertions(+), 4 deletions(-)
create mode 100644 doc/examples/print-ciphersuites.c
diff --git a/.gitignore b/.gitignore
index 7c60614..da390b4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -52,6 +52,7 @@ doc/errcodes
doc/error_codes.texi
doc/examples/Makefile
doc/examples/Makefile.in
+doc/examples/print-ciphersuites
doc/examples/ex-cert-select
doc/examples/ex-cert-select-pkcs11
doc/examples/ex-client-psk
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 406e6b3..d2968a0 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -682,6 +682,7 @@ Alerts messages may be sent to the peer using
@funcref{gnutls_alert_send}.
@node Priority Strings
@section Priority strings
address@hidden Priority strings
In order to specify cipher suite preferences on a TLS session
there are priority functions that accept a string
@@ -771,7 +772,6 @@ appended with an algorithm will remove this algorithm.
appended with an algorithm will add this algorithm.
@end table
-
@float Table,tab:prio-algorithms
@multitable @columnfractions .20 .70
@headitem Type @tab Keywords
@@ -879,7 +879,9 @@ will allow V1 CAs in chains.
@caption{Special priority string keywords.}
@end float
-
+Finally the ciphersuites enabled by any priority string can be
+listed using the @code{gnutls-cli} application (see @ref{The gnutls-cli
tool}),
+or by using the priority functions as in @ref{Listing the ciphersuites in a
priority string}.
@node Advanced and other topics
@section Advanced and other topics
@@ -947,6 +949,9 @@ Those keys should be associated with the GnuTLS session
using
@showfuncdesc{gnutls_session_ticket_key_generate}
@showfuncdesc{gnutls_session_resumption_requested}
+A server enabling both session tickets and a storage for session data
+would use session tickets when clients support it and the storage otherwise.
+
@node Parameter generation
@subsection Parameter generation
@cindex parameter generation
diff --git a/doc/cha-gtls-examples.texi b/doc/cha-gtls-examples.texi
index d62de93..36ec425 100644
--- a/doc/cha-gtls-examples.texi
+++ b/doc/cha-gtls-examples.texi
@@ -223,6 +223,7 @@ This example is a very simple echo server using Datagram
TLS and
@menu
* Checking for an alert::
* X.509 certificate parsing example::
+* Listing the ciphersuites in a priority string::
@end menu
@node Checking for an alert
@@ -242,3 +243,11 @@ listed below. That program reads the peer's certificate,
and prints
information about it.
@verbatiminclude examples/ex-x509-info.c
+
address@hidden Listing the ciphersuites in a priority string
address@hidden Listing the ciphersuites in a priority string
+
+This is a small program to list the enabled ciphersuites by a
+priority string.
+
address@hidden examples/print-ciphersuites.c
diff --git a/doc/cha-programs.texi b/doc/cha-programs.texi
index ece7049..fdfad66 100644
--- a/doc/cha-programs.texi
+++ b/doc/cha-programs.texi
@@ -101,6 +101,21 @@ By keeping the @code{--pskusername} parameter and removing
the
@code{--pskkey} parameter, it will query only for the password during
the handshake.
address@hidden Listing the ciphersuites in a priority string
address@hidden Priority strings
+
address@hidden
+$ ./gnutls-cli --priority SECURE256 -l
+Cipher suites for SECURE256
+TLS_ECDHE_ECDSA_AES_256_CBC_SHA384 0xc0, 0x24 TLS1.2
+TLS_ECDHE_ECDSA_AES_256_GCM_SHA384 0xc0, 0x2e TLS1.2
+TLS_ECDHE_RSA_AES_256_GCM_SHA384 0xc0, 0x30 TLS1.2
+TLS_DHE_RSA_AES_256_CBC_SHA256 0x00, 0x6b TLS1.2
+TLS_DHE_DSS_AES_256_CBC_SHA256 0x00, 0x6a TLS1.2
+TLS_RSA_AES_256_CBC_SHA256 0x00, 0x3d TLS1.2
address@hidden example
+
+
@node The gnutls-serv tool
@section The gnutls-serv tool
@cindex gnutls-serv
diff --git a/doc/examples/Makefile.am b/doc/examples/Makefile.am
index aac8421..246fe01 100644
--- a/doc/examples/Makefile.am
+++ b/doc/examples/Makefile.am
@@ -45,7 +45,7 @@ noinst_PROGRAMS = ex-client-resume ex-client-dtls
noinst_PROGRAMS += ex-cert-select ex-client-x509
if ENABLE_PKI
-noinst_PROGRAMS += ex-crq ex-serv-x509 ex-serv-dtls
+noinst_PROGRAMS += print-ciphersuites ex-crq ex-serv-x509 ex-serv-dtls
endif
if ENABLE_CXX
@@ -79,6 +79,6 @@ endif
noinst_LTLIBRARIES = libexamples.la
-libexamples_la_SOURCES = examples.h ex-alert.c ex-pkcs12.c \
+libexamples_la_SOURCES = examples.h ex-alert.c ex-pkcs12.c \
ex-session-info.c ex-x509-info.c ex-verify.c \
tcp.c udp.c ex-pkcs11-list.c verify.c
diff --git a/doc/examples/print-ciphersuites.c
b/doc/examples/print-ciphersuites.c
new file mode 100644
index 0000000..8bfdb2a
--- /dev/null
+++ b/doc/examples/print-ciphersuites.c
@@ -0,0 +1,52 @@
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <gnutls/gnutls.h>
+
+static void
+print_cipher_suite_list (const char* priorities)
+{
+ size_t i;
+ int ret;
+ unsigned int idx;
+ const char *name;
+ const char *err;
+ unsigned char id[2];
+ gnutls_protocol_t version;
+ gnutls_priority_t pcache;
+
+ if (priorities != NULL)
+ {
+ printf ("Cipher suites for %s\n", priorities);
+
+ ret = gnutls_priority_init(&pcache, priorities, &err);
+ if (ret < 0)
+ {
+ fprintf (stderr, "Syntax error at: %s\n", err);
+ exit(1);
+ }
+
+ for (i=0;;i++)
+ {
+ ret = gnutls_priority_get_cipher_suite_index(pcache, i, &idx);
+ if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) break;
+ if (ret == GNUTLS_E_UNKNOWN_CIPHER_SUITE) continue;
+
+ name = gnutls_cipher_suite_info(idx, id, NULL, NULL, NULL,
&version);
+
+ if (name != NULL)
+ printf ("%-50s\t0x%02x, 0x%02x\t%s\n",
+ name, (unsigned char) id[0], (unsigned char) id[1],
+ gnutls_protocol_get_name (version));
+ }
+
+ return;
+ }
+}
+
+int main(int argc, char** argv)
+{
+ if (argc > 1)
+ print_cipher_suite_list (argv[1]);
+}
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_0_11-37-gd8f9b98,
Nikos Mavrogiannopoulos <=