Permit null ciphers.

988788f6 · Ben Laurie · f9b2e530 · 988788f6 · 988788f6
隐藏空白更改
内联并排

Showing with 7 addition and 1 deletion

CHANGES CHANGES +6 -0

ssl/ssl_ciph.c ssl/ssl_ciph.c +1 -1

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,12 @@

 Changes between 0.9.1c and 0.9.2

+  *) Permit null encryption ciphersuites, used for authentication only. It used
+     to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this.
+     It is now necessary to set SSL_FORBID_ENULL to prevent the use of null
+     encryption.
+     [Ben Laurie]
+
  *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder
     signed attributes when verifying signatures (this would break them), 
     the detached data encoding was wrong and public keys obtained using

--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -353,7 +353,7 @@ char *str;
 	mask|=SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
 #endif

-#ifndef SSL_ALLOW_ENULL
+#ifdef SSL_FORBID_ENULL
 	mask|=SSL_eNULL;
 #endif