Branch: Tag:

2012-01-19

2012-01-19 14:13:03 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Filter some more weak cipher suites.

Rev: server/base_server/roxen.pike:1.1104

6:   // Per Hedbor, Henrik Grubbström, Pontus Hagland, David Hedbor and others.   // ABS and suicide systems contributed freely by Francesco Chemolli    - constant cvs_version="$Id: roxen.pike,v 1.1103 2012/01/19 14:12:01 grubba Exp $"; + constant cvs_version="$Id: roxen.pike,v 1.1104 2012/01/19 14:13:03 grubba Exp $";      //! @appears roxen   //!
2310: Inside #if undefined(ALLOW_WEAK_SSL)
   // Filter weak and really weak cipher suites.    ctx->preferred_suites -= ({    SSL.Constants.SSL_rsa_with_des_cbc_sha, +  SSL.Constants.SSL_dhe_dss_with_des_cbc_sha,    SSL.Constants.SSL_rsa_export_with_rc4_40_md5, -  +  SSL.Constants.TLS_rsa_with_null_sha256,    SSL.Constants.SSL_rsa_with_null_sha,    SSL.Constants.SSL_rsa_with_null_md5,    SSL.Constants.SSL_dhe_dss_export_with_des40_cbc_sha,