pike.git / lib / modules / SSL.pmod / https.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/https.pike:190:    // Compat with OLD clients.    //    // The old FIPS standard maxed out at 1024 & 160 bits with SHA-1.    key = Crypto.DSA()->generate_key(1024, 160);    make_certificate(ctx, key, Crypto.SHA1);      #if constant(Crypto.ECC.Curve)    werror("Generating ECDSA certificate (%d bits)...\n", 521);       key = Crypto.ECC.SECP_521R1.ECDSA()->generate_key(); -  make_certificate(ctx, key); +  make_certificate(ctx, key, Crypto.SHA512); +  make_certificate(ctx, key, Crypto.SHA256);       // Compat with OLD clients.    //    // Unlikely to be needed, but the cost is minimal.    make_certificate(ctx, key, Crypto.SHA1);   #endif       // Make sure all cipher suites are available.    ctx->preferred_suites = ctx->get_suites(CIPHER_BITS, KE_MODE);    SSL3_DEBUG_MSG("Cipher suites:\n%s",