Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
a7086099
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
a7086099
编写于
12年前
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Don't try to use unvalidated composite ciphers in FIPS mode
上级
a9e6c091
无相关合并请求
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
14 addition
and
2 deletion
+14
-2
CHANGES
CHANGES
+9
-2
ssl/ssl_ciph.c
ssl/ssl_ciph.c
+5
-0
未找到文件。
CHANGES
浏览文件 @
a7086099
...
...
@@ -289,8 +289,15 @@
whose return value is often ignored.
[Steve Henson]
Changes between 1.0.1a and 1.0.1b [xx XXX xxxx]
Changes between 1.0.1b and 1.0.1c [xx XXX xxxx]
*) In FIPS mode don't try to use composite ciphers as they are not
approved.
[Steve Henson]
Changes between 1.0.1a and 1.0.1b [26 Apr 2012]
*) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and
1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately
mean any application compiled against OpenSSL 1.0.0 headers setting
...
...
This diff is collapsed.
Click to expand it.
ssl/ssl_ciph.c
浏览文件 @
a7086099
...
...
@@ -620,6 +620,11 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
s
->
ssl_version
<
TLS1_VERSION
)
return
1
;
#ifdef OPENSSL_FIPS
if
(
FIPS_mode
())
return
1
;
#endif
if
(
c
->
algorithm_enc
==
SSL_RC4
&&
c
->
algorithm_mac
==
SSL_MD5
&&
(
evp
=
EVP_get_cipherbyname
(
"RC4-HMAC-MD5"
)))
...
...
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
反馈
建议
客服
返回
顶部