GNUTLS: Raise minimum group size for Diffie-Hellman-Merkle key exchange

A 2048-bit long P should really be the minimum these days.
Aaron Jones 2016-09-16 13:38:12 +00:00
parent 5797027e9f
commit 25ecd3cc86
No known key found for this signature in database
GPG key ID: EC6F86EE9CD840B5


@ -157,7 +157,7 @@ rb_ssl_init_fd(rb_fde_t *const F, const rb_fd_tls_direction dir)
gnutls_init((gnutls_session_t *) F->ssl, init_flags); gnutls_init((gnutls_session_t *) F->ssl, init_flags);
gnutls_set_default_priority(SSL_P(F)); gnutls_set_default_priority(SSL_P(F));
gnutls_credentials_set(SSL_P(F), GNUTLS_CRD_CERTIFICATE, server_cert_key); gnutls_credentials_set(SSL_P(F), GNUTLS_CRD_CERTIFICATE, server_cert_key);
gnutls_dh_set_prime_bits(SSL_P(F), 1024); gnutls_dh_set_prime_bits(SSL_P(F), 2048);
gnutls_priority_set(SSL_P(F), default_priority); gnutls_priority_set(SSL_P(F), default_priority);
gnutls_transport_set_ptr(SSL_P(F), (gnutls_transport_ptr_t) F); gnutls_transport_set_ptr(SSL_P(F), (gnutls_transport_ptr_t) F);