Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Enable AES256 for GnuTLS DTLS
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
  • Loading branch information
David Woodhouse authored and David Woodhouse committed May 30, 2013
1 parent f739310 commit 9241955
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 0 deletions.
2 changes: 2 additions & 0 deletions dtls.c
Expand Up @@ -366,6 +366,8 @@ struct {
} gnutls_dtls_ciphers[] = {
{ "AES128-SHA", GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA1,
"NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-128-CBC:+SHA1:+RSA:%COMPAT:%DISABLE_SAFE_RENEGOTIATION" },
{ "AES256-SHA", GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA1,
"NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-256-CBC:+SHA1:+RSA:%COMPAT:%DISABLE_SAFE_RENEGOTIATION" },
{ "DES-CBC3-SHA", GNUTLS_CIPHER_3DES_CBC, GNUTLS_MAC_SHA1,
"NONE:+VERS-DTLS0.9:+COMP-NULL:+3DES-CBC:+SHA1:+RSA:%COMPAT:%DISABLE_SAFE_RENEGOTIATION" },
};
Expand Down
1 change: 1 addition & 0 deletions www/changelog.xml
Expand Up @@ -17,6 +17,7 @@
<ul>
<li><b>OpenConnect HEAD</b>
<ul>
<li>Enable AES256 mode for DTLS with GnuTLS <a href="https://bugzilla.redhat.com/show_bug.cgi?id=955710"><i>(RH#955710)</i></a>.</li>
<li>Add <tt>--dump-http-traffic</tt> option for debugging.</li>
<li>Be more permissive in parsing XML forms.</li>
<li>Use original URL when falling back to non-XML POST mode.</li>
Expand Down

0 comments on commit 9241955

Please sign in to comment.