Loading CHANGES +9 −2 Original line number Diff line number Diff line Loading @@ -289,7 +289,14 @@ whose return value is often ignored. [Steve Henson] Changes between 1.0.1a and 1.0.1b [xx XXX xxxx] Changes between 1.0.1b and 1.0.1c [xx XXX xxxx] *) In FIPS mode don't try to use composite ciphers as they are not approved. [Steve Henson] Changes between 1.0.1a and 1.0.1b [26 Apr 2012] *) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and 1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately Loading ssl/ssl_ciph.c +5 −0 Original line number Diff line number Diff line Loading @@ -620,6 +620,11 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, s->ssl_version < TLS1_VERSION) return 1; #ifdef OPENSSL_FIPS if (FIPS_mode()) return 1; #endif if (c->algorithm_enc == SSL_RC4 && c->algorithm_mac == SSL_MD5 && (evp=EVP_get_cipherbyname("RC4-HMAC-MD5"))) Loading Loading
CHANGES +9 −2 Original line number Diff line number Diff line Loading @@ -289,7 +289,14 @@ whose return value is often ignored. [Steve Henson] Changes between 1.0.1a and 1.0.1b [xx XXX xxxx] Changes between 1.0.1b and 1.0.1c [xx XXX xxxx] *) In FIPS mode don't try to use composite ciphers as they are not approved. [Steve Henson] Changes between 1.0.1a and 1.0.1b [26 Apr 2012] *) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and 1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately Loading
ssl/ssl_ciph.c +5 −0 Original line number Diff line number Diff line Loading @@ -620,6 +620,11 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, s->ssl_version < TLS1_VERSION) return 1; #ifdef OPENSSL_FIPS if (FIPS_mode()) return 1; #endif if (c->algorithm_enc == SSL_RC4 && c->algorithm_mac == SSL_MD5 && (evp=EVP_get_cipherbyname("RC4-HMAC-MD5"))) Loading
