root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Disable unsupported PSK algorithms 

Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2015-06-28 17:09:54 +01:00
parent 8baac6a224
commit 332a251fd7
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ssl/ssl_ciph.c
View File

@ -495,22 +495,22 @@ void ssl_load_ciphers(void)
disabled_auth_mask = 0;
#ifdef OPENSSL_NO_RSA
disabled_mkey_mask |= SSL_kRSA;
disabled_mkey_mask |= SSL_kRSA | SSL_kRSAPSK;
disabled_auth_mask |= SSL_aRSA;
#endif
#ifdef OPENSSL_NO_DSA
disabled_auth_mask |= SSL_aDSS;
#endif
#ifdef OPENSSL_NO_DH
disabled_mkey_mask |= SSL_kDHr | SSL_kDHd | SSL_kDHE;
disabled_mkey_mask |= SSL_kDHr | SSL_kDHd | SSL_kDHE | SSL_kDHEPSK;
disabled_auth_mask |= SSL_aDH;
#endif
#ifdef OPENSSL_NO_EC
disabled_mkey_mask |= SSL_kECDHe | SSL_kECDHr;
disabled_mkey_mask |= SSL_kECDHe | SSL_kECDHr | SSL_kECDHEPSK;
disabled_auth_mask |= SSL_aECDSA | SSL_aECDH;
#endif
#ifdef OPENSSL_NO_PSK
disabled_mkey_mask |= SSL_kPSK;
disabled_mkey_mask |= SSL_PSK;
disabled_auth_mask |= SSL_aPSK;
#endif
#ifdef OPENSSL_NO_SRP