wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

If an SSLv2 method is explicitly asked for use the SSLv2 cipher string:

Browse source 
assume an application *really* wants SSLv2 if they do that.

Otherwise stick with the default which excludes all SSLv2 cipher suites.
This commit is contained in:
Dr. Stephen Henson 2009-04-29 14:12:54 +00:00
parent 174ea15647
commit 4e50f02638
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
ssl/ssl_lib.c
View file

@ -259,7 +259,8 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth)
ctx->method=meth; ctx->method=meth;
sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list), sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
&(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST); &(ctx->cipher_list_by_id),
meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
{ {
SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
@ -1528,7 +1529,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ssl_create_cipher_list(ret->method, ssl_create_cipher_list(ret->method,
&ret->cipher_list,&ret->cipher_list_by_id, &ret->cipher_list,&ret->cipher_list_by_id,
SSL_DEFAULT_CIPHER_LIST); meth->version == SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST);
if (ret->cipher_list == NULL if (ret->cipher_list == NULL
|| sk_SSL_CIPHER_num(ret->cipher_list) <= 0) || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
{ {