-#define DH_BITS_TEXT N_("Diffie-Hellman prime bits")
-#define DH_BITS_LONGTEXT N_( \
- "This allows you to modify the Diffie-Hellman prime's number of bits, " \
- "used for TLS or SSL-based server-side encryption. This is generally " \
- "not needed." )
-
-#define CACHE_TIMEOUT_TEXT N_("Expiration time for resumed TLS sessions")
-#define CACHE_TIMEOUT_LONGTEXT N_( \
- "It is possible to cache the resumed TLS sessions. This is the expiration "\
- "time of the sessions stored in this cache, in seconds." )
-
-#define CACHE_SIZE_TEXT N_("Number of resumed TLS sessions")
-#define CACHE_SIZE_LONGTEXT N_( \
- "This is the maximum number of resumed TLS sessions that " \
- "the cache will hold." )
-
-#define CHECK_CERT_TEXT N_("Check TLS/SSL server certificate validity")
-#define CHECK_CERT_LONGTEXT N_( \
- "This ensures that the server certificate is valid " \
- "(i.e. signed by an approved Certification Authority)." )
-
-vlc_module_begin();
- set_shortname( "GnuTLS" );
- set_description( _("GnuTLS transport layer security") );
- set_capability( "tls client", 1 );
- set_callbacks( OpenClient, CloseClient );
- set_category( CAT_ADVANCED );
- set_subcategory( SUBCAT_ADVANCED_MISC );
-
- add_bool( "tls-check-cert", VLC_TRUE, NULL, CHECK_CERT_TEXT,
- CHECK_CERT_LONGTEXT, VLC_FALSE );
- add_obsolete_bool( "tls-check-hostname" );
-
- add_submodule();
- set_description( _("GnuTLS server") );
- set_capability( "tls server", 1 );
- set_category( CAT_ADVANCED );
- set_subcategory( SUBCAT_ADVANCED_MISC );
- set_callbacks( OpenServer, CloseServer );
-
- add_integer( "gnutls-dh-bits", DH_BITS, NULL, DH_BITS_TEXT,
- DH_BITS_LONGTEXT, VLC_TRUE );
- add_integer( "gnutls-cache-timeout", CACHE_TIMEOUT, NULL,
- CACHE_TIMEOUT_TEXT, CACHE_TIMEOUT_LONGTEXT, VLC_TRUE );
- add_integer( "gnutls-cache-size", CACHE_SIZE, NULL, CACHE_SIZE_TEXT,
- CACHE_SIZE_LONGTEXT, VLC_TRUE );
-vlc_module_end();
-
-
-
-#ifdef LIBVLC_USE_PTHREAD
-GCRY_THREAD_OPTION_PTHREAD_IMPL;
-# define gcry_threads_vlc gcry_threads_pthread
-#else
-/**
- * gcrypt thread option VLC implementation
- */
-
-# define NEED_THREAD_CONTEXT 1
-static vlc_object_t *__p_gcry_data = NULL;
-
-static int gcry_vlc_mutex_init( void **p_sys )
-{
- int i_val;
- vlc_mutex_t *p_lock = (vlc_mutex_t *)malloc( sizeof( vlc_mutex_t ) );
-
- if( p_lock == NULL)
- return ENOMEM;
-
- i_val = vlc_mutex_init( __p_gcry_data, p_lock );
- if( i_val )
- free( p_lock );
- else
- *p_sys = p_lock;
- return i_val;
-}
+#define PRIORITIES_TEXT N_("TLS cipher priorities")
+#define PRIORITIES_LONGTEXT N_("Ciphers, key exchange methods, " \
+ "hash functions and compression methods can be selected. " \
+ "Refer to GNU TLS documentation for detailed syntax.")
+static const char *const priorities_values[] = {
+ "PERFORMANCE",
+ "NORMAL",
+ "SECURE128",
+ "SECURE256",
+ "EXPORT",
+};
+static const char *const priorities_text[] = {
+ N_("Performance (prioritize faster ciphers)"),
+ N_("Normal"),
+ N_("Secure 128-bits (exclude 256-bits ciphers)"),
+ N_("Secure 256-bits (prioritize 256-bits ciphers)"),
+ N_("Export (include insecure ciphers)"),
+};