pike.git / lib / modules / SSL.pmod / Session.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Session.pike:360:    if (version >= PROTOCOL_TLS_1_2) {    ke_mask = `|(ke_mask, @certs->ke_mask_invariant);    } else {    ke_mask = `|(ke_mask, @certs->ke_mask);    }      #if constant(Crypto.ECC.Curve)    if (!sizeof(ecc_curves) || ecc_point_format==-1) {    // Client and server have no common curves, so remove ECC from KE    // mask. -  ke_mask &= ~((1<<KE_ecdh_rsa)|(1<<KE_ecdhe_rsa)| -  (1<<KE_ecdh_anon)); +  ke_mask &= ~KE_ecc_mask;    }   #endif       if (!sizeof(ffdhe_groups)) {    // The client doesn't support the same set of Finite Field    // Diffie-Hellman groups as we do, so filter DHE.    ke_mask &= ~((1<<KE_dhe_dss)|(1<<KE_dhe_rsa)|    (1<<KE_dh_anon)|(1<<KE_dhe_psk));    }