Branch: Tag:


2014-12-04 19:25:03 by Henrik Grubbström (Grubba) <>

SSL: Fix priorities for anonymous cipher suites.

Anonymous key exchange suffers from man in the middle attackability,
so make sure that they are only chosen when there are no supported
authenticated suites.

44: Inside #if constant(SSL.Cipher.CipherAlgorithm) and #if undefined(HTTPS_CLIENT)
   has_prefix(id, "SSL2_") )    ciphers[SSL.Constants[id]] = id;    foreach(s, int c) -  b->sprintf(" %-6d: %09x: %s\n", +  b->sprintf(" %-6d: %010x: %s\n",    c, cipher_suite_sort_key(c), ciphers[c]||"unknown");    return (string)b;   }