reverting changes

Signed-off-by: Jordan Filteau <[email protected]>
zowe · Oct 13, 2023 · 0d55d47 · 0d55d47
1 parent e71d1ce
commit 0d55d47
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 12 deletions.
diff --git a/c/tls.c b/c/tls.c
@@ -165,22 +165,22 @@ int tlsSocketInit(TlsEnvironment *env, TlsSocket **outSocket, int fd, bool isSer
     return TLS_ALLOC_ERROR;
   }
   char *label = env->settings->label;
-  char *ciphers1_2 = env->settings->ciphers1_2;
-  char *ciphers1_3 = env->settings->ciphers1_3;
+  char *ciphers = env->settings->ciphers;
   char *keyshares = env->settings->keyshares;
   rc = rc || gsk_secure_socket_open(env->envHandle, &socket->socketHandle);
   rc = rc || gsk_attribute_set_numeric_value(socket->socketHandle, GSK_FD, fd);
   if (label) {
     rc = rc || gsk_attribute_set_buffer(socket->socketHandle, GSK_KEYRING_LABEL, label, 0);
   }
+  if (ciphers) {
+    rc = rc || gsk_attribute_set_buffer(socket->socketHandle, GSK_V3_CIPHER_SPECS_EXPANDED, ciphers, 0);
+    rc = rc || gsk_attribute_set_enum(socket->socketHandle, GSK_V3_CIPHERS, GSK_V3_CIPHERS_CHAR4);
+  }
   rc = rc || gsk_attribute_set_enum(socket->socketHandle, GSK_SESSION_TYPE, isServer ? GSK_SERVER_SESSION_WITH_CL_AUTH : GSK_CLIENT_SESSION);
   /*
     To be safe,
   */
   if (isTLSV13Enabled(env->settings)) {
-    if (ciphers1_3) {
-      rc = rc || gsk_attribute_set_buffer(socket->socketHandle, GSK_V3_CIPHER_SPECS_EXPANDED, ciphers1_3, 0);
-    }
     if (keyshares) {
      /*   
        Only TLS 1.3 needs this.
@@ -191,12 +191,7 @@ int tlsSocketInit(TlsEnvironment *env, TlsSocket **outSocket, int fd, bool isSer
         rc = rc || gsk_attribute_set_buffer(socket->socketHandle, GSK_CLIENT_TLS_KEY_SHARES, keyshares, 0);
       }
     }
-  } else {
-    if (ciphers1_2) {
-      rc = rc || gsk_attribute_set_buffer(socket->socketHandle, GSK_V3_CIPHER_SPECS_EXPANDED, ciphers1_2, 0);
-    }
   }
-  rc = rc || gsk_attribute_set_enum(socket->socketHandle, GSK_V3_CIPHERS, GSK_V3_CIPHERS_CHAR4);
   rc = rc || gsk_attribute_set_callback(socket->socketHandle, GSK_IO_CALLBACK, &ioCallbacks);
   rc = rc || gsk_secure_socket_init(socket->socketHandle);
   if (rc == 0) {

diff --git a/h/tls.h b/h/tls.h
@@ -124,7 +124,7 @@ typedef struct TlsSettings_tag {
 #define TLS_AES_128_GCM_SHA256 "1301"
 #define TLS_AES_256_GCM_SHA384 "1302"
 #define TLS_CHACHA20_POLY1305_SHA256 "1303"
-  char *ciphers1_2;
+  char *ciphers;
 #define TLS_X25519 "0029"
 #define TLS_SECP256R1 "0023"
 #define TLS_SECP521R1 "0025"
@@ -135,7 +135,6 @@ typedef struct TlsSettings_tag {
      TODO: Find out why it isn't negotiating 1.2.
   */
   char *maxTls;
-  char *ciphers1_3;
 } TlsSettings;
 
 typedef struct TlsEnvironment_tag {