WARNING! Gitlab maintenance operation scheduled for Thursday, 18 June between 19:00 and 20:00 (CET). During this time window, short service interruptions (less than 5 minutes) may occur. Thank you in advance for your understanding.

Commit d9e26244 authored Mar 21, 2007 by Bodo Möller

oops -- this should have been in 0.9.8e

parent 51c3bb3b

CHANGES

+2 −4

Original line number	Diff line number	Diff line
		@@ -4,15 +4,13 @@

		Changes between 0.9.8e and 0.9.8f [xx XXX xxxx]

		*)

		Changes between 0.9.8d and 0.9.8e [23 Feb 2007]

		*) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
		a ciphersuite string such as "DEFAULT:RSA" cannot enable
		authentication-only ciphersuites.
		[Bodo Moeller]

		Changes between 0.9.8d and 0.9.8e [23 Feb 2007]

		*) Since AES128 and AES256 (and similarly Camellia128 and
		Camellia256) share a single mask bit in the logic of
		ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a

ssl/ssl.h

+2 −2

Original line number	Diff line number	Diff line
		@@ -317,9 +317,9 @@ extern "C" {
		* It also is substituted when an application-defined cipher list string
		* starts with 'DEFAULT'. */
		#ifdef OPENSSL_NO_CAMELLIA
		# define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
		# define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low priority for RC4 */
		#else
		# define SSL_DEFAULT_CIPHER_LIST "AES:CAMELLIA:ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
		# define SSL_DEFAULT_CIPHER_LIST "AES:CAMELLIA:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low priority for RC4 */
		#endif

		/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */