@ -3027,33 +3027,34 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
/* manually handle first token, since one-offs apply */
/* (openssl syntax NOT fully supported) */
if ( 0 = = strncmp ( e , " !ALL " , 4 ) | | 0 = = strncmp ( e , " -ALL " , 4 ) ) {
# define strncmp_const(s,cs) strncmp((s),(cs),sizeof(cs)-1)
if ( 0 = = strncmp_const ( e , " !ALL " ) | | 0 = = strncmp_const ( e , " -ALL " ) ) {
/* "!ALL" excluding all ciphers is empty list */
e + = sizeof ( " !ALL " ) - 1 ; /* same as sizeof("-ALL")-1 */
buffer_append_string_len ( plist , CONST_STR_LEN ( " -CIPHER-ALL: " ) ) ;
}
else if ( 0 = = strncmp ( e , CONST_STR_LEN ( " !DEFAULT " ) )
| | 0 = = strncmp ( e , CONST_STR_LEN ( " -DEFAULT " ) ) ) {
else if ( 0 = = strncmp_const ( e , " !DEFAULT " )
| | 0 = = strncmp_const ( e , " -DEFAULT " ) ) {
/* "!DEFAULT" excluding default ciphers is empty list */
e + = sizeof ( " !DEFAULT " ) - 1 ; /* same as sizeof("-DEFAULT")-1 */
buffer_append_string_len ( plist , CONST_STR_LEN ( " -CIPHER-ALL: " ) ) ;
}
else if ( 0 = = strncmp ( e , CONST_STR_LEN ( " DEFAULT " ) ) ) {
else if ( 0 = = strncmp_const ( e , " DEFAULT " ) ) {
e + = sizeof ( " DEFAULT " ) - 1 ;
s - > priority_base = " NORMAL " ;
}
else if ( 0 = = /* effectively the same as "DEFAULT" */
strncmp ( e , CONST_STR_LEN ( " ALL:!COMPLEMENTOFDEFAULT:!eNULL " ) ) ) {
strncmp_const ( e , " ALL:!COMPLEMENTOFDEFAULT:!eNULL " ) ) {
e + = sizeof ( " ALL:!COMPLEMENTOFDEFAULT:!eNULL " ) - 1 ;
s - > priority_base = " NORMAL " ;
}
else if ( 0 = = strncmp ( e , CONST_STR_LEN ( " SUITEB128 " ) )
| | 0 = = strncmp ( e , CONST_STR_LEN ( " SUITEB128ONLY " ) )
| | 0 = = strncmp ( e , CONST_STR_LEN ( " SUITEB192 " ) ) ) {
s - > priority_base = ( 0 = = strncmp ( e , CONST_STR_LEN ( " SUITEB192 " ) ) )
else if ( 0 = = strncmp_const ( e , " SUITEB128 " )
| | 0 = = strncmp_const ( e , " SUITEB128ONLY " )
| | 0 = = strncmp_const ( e , " SUITEB192 " ) ) {
s - > priority_base = ( 0 = = strncmp_const ( e , " SUITEB192 " ) )
? " SUITEB192 "
: " SUITEB128 " ;
e + = ( 0 = = strncmp ( e , CONST_STR_LEN ( " SUITEB128ONLY " ) ) )
e + = ( 0 = = strncmp_const ( e , " SUITEB128ONLY " ) )
? sizeof ( " SUITEB128ONLY " ) - 1
: sizeof ( " SUITEB128 " ) - 1 ;
if ( * e )