tls-crypto: Rename DH group/key exchange method config option
TLS key exchange methods are now configured with `ke_group`.
parent
a60e248b0d
commit
e5b6565730
|
@ -473,6 +473,9 @@ charon.tls.mac
|
||||||
charon.tls.suites
|
charon.tls.suites
|
||||||
List of TLS cipher suites.
|
List of TLS cipher suites.
|
||||||
|
|
||||||
|
charon.tls.ke_group
|
||||||
|
List of TLS key exchange groups.
|
||||||
|
|
||||||
charon.tls.send_certreq_authorities = yes
|
charon.tls.send_certreq_authorities = yes
|
||||||
Whether to include CAs in a server's CertificateRequest message.
|
Whether to include CAs in a server's CertificateRequest message.
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2020 Pascal Knecht
|
* Copyright (C) 2020-2021 Pascal Knecht
|
||||||
* HSR Hochschule fuer Technik Rapperswil
|
* HSR Hochschule fuer Technik Rapperswil
|
||||||
*
|
*
|
||||||
* Copyright (C) 2014 Martin Willi
|
* Copyright (C) 2014 Martin Willi
|
||||||
|
@ -559,8 +559,8 @@ static void test_tls(tls_version_t version, uint16_t port, bool cauth, u_int i)
|
||||||
/**
|
/**
|
||||||
* TLS curve test wrapper function
|
* TLS curve test wrapper function
|
||||||
*/
|
*/
|
||||||
static void test_tls_curves(tls_version_t version, uint16_t port, bool cauth,
|
static void test_tls_ke_groups(tls_version_t version, uint16_t port, bool cauth,
|
||||||
u_int i)
|
u_int i)
|
||||||
{
|
{
|
||||||
echo_server_config_t *config;
|
echo_server_config_t *config;
|
||||||
diffie_hellman_group_t *groups;
|
diffie_hellman_group_t *groups;
|
||||||
|
@ -575,7 +575,7 @@ static void test_tls_curves(tls_version_t version, uint16_t port, bool cauth,
|
||||||
ck_assert(i < count);
|
ck_assert(i < count);
|
||||||
snprintf(curve, sizeof(curve), "%N", diffie_hellman_group_names_short,
|
snprintf(curve, sizeof(curve), "%N", diffie_hellman_group_names_short,
|
||||||
groups[i]);
|
groups[i]);
|
||||||
lib->settings->set_str(lib->settings, "%s.tls.curve", curve, lib->ns);
|
lib->settings->set_str(lib->settings, "%s.tls.ke_group", curve, lib->ns);
|
||||||
|
|
||||||
run_echo_client(config);
|
run_echo_client(config);
|
||||||
|
|
||||||
|
@ -653,9 +653,9 @@ START_TEST(test_tls_13_client)
|
||||||
}
|
}
|
||||||
END_TEST
|
END_TEST
|
||||||
|
|
||||||
START_TEST(test_tls13_curves)
|
START_TEST(test_tls13_ke_groups)
|
||||||
{
|
{
|
||||||
test_tls_curves(TLS_1_3, 5668, FALSE, _i);
|
test_tls_ke_groups(TLS_1_3, 5668, FALSE, _i);
|
||||||
}
|
}
|
||||||
END_TEST
|
END_TEST
|
||||||
|
|
||||||
|
@ -736,9 +736,9 @@ Suite *socket_suite_create()
|
||||||
add_tls_versions_test(test_tls_12_server, TLS_1_0, TLS_1_3);
|
add_tls_versions_test(test_tls_12_server, TLS_1_0, TLS_1_3);
|
||||||
suite_add_tcase(s, tc);
|
suite_add_tcase(s, tc);
|
||||||
|
|
||||||
tc = tcase_create("TLS 1.3/curves");
|
tc = tcase_create("TLS 1.3/key exchange groups");
|
||||||
tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
|
tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
|
||||||
tcase_add_loop_test(tc, test_tls13_curves, 0,
|
tcase_add_loop_test(tc, test_tls13_ke_groups, 0,
|
||||||
tls_crypto_get_supported_groups(NULL));
|
tls_crypto_get_supported_groups(NULL));
|
||||||
suite_add_tcase(s, tc);
|
suite_add_tcase(s, tc);
|
||||||
|
|
||||||
|
|
|
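Review bot: The doc comment above `test_tls_ke_groups` still reads "TLS curve test wrapper function", and the buffer passed to `set_str` for `%s.tls.ke_group` is still named `curve`, so the test keeps the vocabulary this commit retires. I would change the comment to `* TLS key exchange group test wrapper function` and rename the buffer to something like `group`. The function body starts and ends outside the hunks shown, so the buffer's declaration is not visible here.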
@ -1,6 +1,6 @@
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2020 Tobias Brunner
|
* Copyright (C) 2020 Tobias Brunner
|
||||||
* Copyright (C) 2020 Pascal Knecht
|
* Copyright (C) 2020-2021 Pascal Knecht
|
||||||
* Copyright (C) 2020 Méline Sieber
|
* Copyright (C) 2020 Méline Sieber
|
||||||
* HSR Hochschule fuer Technik Rapperswil
|
* HSR Hochschule fuer Technik Rapperswil
|
||||||
*
|
*
|
||||||
|
@ -1103,7 +1103,8 @@ static bool filter_curve_config(tls_named_group_t curve)
|
||||||
enumerator_t *enumerator;
|
enumerator_t *enumerator;
|
||||||
char *token, *config;
|
char *token, *config;
|
||||||
|
|
||||||
config = lib->settings->get_str(lib->settings, "%s.tls.curve", NULL, lib->ns);
|
config = lib->settings->get_str(lib->settings, "%s.tls.ke_group", NULL,
|
||||||
|
lib->ns);
|
||||||
if (config)
|
if (config)
|
||||||
{
|
{
|
||||||
enumerator = enumerator_create_token(config, ",", " ");
|
enumerator = enumerator_create_token(config, ",", " ");
|
||||||
|
|
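Review bot: A configuration that still sets `tls.curve` is no longer read after this change, so the lookup in `filter_curve_config` would skip the `if (config)` branch; if an unset option means no filtering (the rest of the function is outside the hunk), a deployment that had restricted its groups would silently return to offering every supported group after an upgrade. If the old key ever shipped in a release, consider a fallback such as `if (!config) config = lib->settings->get_str(lib->settings, "%s.tls.curve", NULL, lib->ns);` with a deprecation log line, and state in the `charon.tls.ke_group` option description that it replaces `charon.tls.curve`. Judging by the hunk header, the enclosing function also keeps the name `filter_curve_config`, which no longer matches the option it reads.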