lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

Add ssl_set_arc4_support()

Browse Source 
Rationale: if people want to disable RC4 but otherwise keep the default suite
list, it was cumbersome. Also, since it uses a global array,
ssl_list_ciphersuite() is not a convenient place. So the SSL modules look like
the best place, even if it means temporarily adding one SSL setting.
This commit is contained in:
Manuel Pégourié-Gonnard
2015-01-12 13:43:29 +01:00
parent 448ea506bf
commit bd47a58221
9 changed files with 114 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
library/ssl_srv.c
View File

@ -847,6 +847,10 @@ static int ssl_ciphersuite_match( ssl_context *ssl, int suite_id,
suite_info->max_minor_ver < ssl->minor_ver )
return( 0 );
if( ssl->arc4_disabled == SSL_ARC4_DISABLED &&
suite_info->cipher == POLARSSL_CIPHER_ARC4_128 )
return( 0 );
#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
if( ssl_ciphersuite_uses_ec( suite_info ) &&
( ssl->handshake->curves == NULL ||