diff options
| author | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2002-06-07 19:55:35 +0000 |
|---|---|---|
| committer | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2002-06-07 19:55:35 +0000 |
| commit | f8d079bc1404f46b8e4ae446d4486f94588d715a (patch) | |
| tree | ce717d0d5aa207daae0de76abfda0223cfdfe7ed /lib/libssl/ssl_ciph.c | |
| parent | ff121e423efd3c611e74f00bc681230532d543d7 (diff) | |
do not propose IDEA cipher on SSL connection. tested by beck
noticed by Sverre Froyen <sverre@viewmark.com>
Diffstat (limited to 'lib/libssl/ssl_ciph.c')
| -rw-r--r-- | lib/libssl/ssl_ciph.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index cdd8dde128b..57bbde5f270 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -124,7 +124,9 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0}, {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0}, {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0}, +#ifndef OPENSSL_NO_IDEA {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0}, +#endif {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0}, {0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0}, @@ -165,8 +167,12 @@ static void load_ciphers(void) EVP_get_cipherbyname(SN_rc4); ssl_cipher_methods[SSL_ENC_RC2_IDX]= EVP_get_cipherbyname(SN_rc2_cbc); +#ifndef OPENSSL_NO_IDEA ssl_cipher_methods[SSL_ENC_IDEA_IDX]= EVP_get_cipherbyname(SN_idea_cbc); +#else + ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL; +#endif ssl_cipher_methods[SSL_ENC_AES128_IDX]= EVP_get_cipherbyname(SN_aes_128_cbc); ssl_cipher_methods[SSL_ENC_AES256_IDX]= |