Added dh- and dss-related functions. New functions rsa_mode() and

dhe_dss_mode().

Rev: lib/modules/SSL.pmod/context.pike:1.8

lib/modules/SSL.pmod/context.pike

-/* $Id: context.pike,v 1.7 1999/02/15 14:41:37 nisse Exp $
+/* $Id: context.pike,v 1.8 1999/03/09 14:55:40 nisse Exp $
  *
  * Keeps track of global data for an SSL server,
  * such as preferred encryption algorithms and session cache.
@@ -15,6 +15,9 @@ object rsa;  /* Servers private key */
 object long_rsa;
 object short_rsa;
 
+object dsa;  /* Servers dsa key */
+object dh_params; /* Parameters for dh keyexchange */
+
 function(int:string) random; /* Random number generator */
 
 /* Chain of X509.v3 certificates
@@ -27,7 +30,14 @@ array(string) authorities; /* List of authorities distinguished names */
 array(int) preferred_auth_methods =
 ({ AUTH_rsa_sign });
 
-array(int) preferred_suites =
+array(int) preferred_suites;
+
+void rsa_mode()
+{
+#ifdef SSL3_DEBUG
+  werror("SSL.context: rsa_mode()\n");
+#endif
+  preferred_suites =
     ({ SSL_rsa_with_idea_cbc_sha,
        SSL_rsa_with_rc4_128_sha,
        SSL_rsa_with_rc4_128_md5,
@@ -37,13 +47,31 @@ array(int) preferred_suites =
        SSL_rsa_with_null_sha,
        SSL_rsa_with_null_md5
     });
+}
 
-void export_mode()
+void dhe_dss_mode()
 {
+#ifdef SSL3_DEBUG
+  werror("SSL.context: dhe_dss_mode()\n");
+#endif
   preferred_suites =
+    ({ SSL_dhe_dss_with_3des_ede_cbc_sha,
+       SSL_dhe_dss_with_des_cbc_sha,
+       SSL_dhe_dss_export_with_des40_cbc_sha,
+    });
+}
+
+void export_mode()
+{
+#ifdef SSL3_DEBUG
+  werror("SSL.context: export_mode()\n");
+#endif
+  
+  preferred_suites &=
     ({ SSL_rsa_export_with_rc4_40_md5,
        SSL_rsa_with_null_sha,
-       SSL_rsa_with_null_md5
+       SSL_rsa_with_null_md5,
+       SSL_dhe_dss_export_with_des40_cbc_sha
     });
 }
 
@@ -117,4 +145,6 @@ void create()
 #endif
   active_sessions = Queue();
   session_cache = ([ ]);
+  /* Backwards compatibility */
+  rsa_mode();
 }