} CIPHER_ORDER;
static SSL_CIPHER cipher_aliases[]={
- {0,SSL_TXT_ALL, 0,SSL_ALL, 0,SSL_ALL}, /* must be first */
+ /* Don't include eNULL unless specifically enabled */
+ {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, 0,SSL_ALL}, /* must be first */
{0,SSL_TXT_kRSA,0,SSL_kRSA, 0,SSL_MKEY_MASK},
{0,SSL_TXT_kDHr,0,SSL_kDHr, 0,SSL_MKEY_MASK},
{0,SSL_TXT_kDHd,0,SSL_kDHd, 0,SSL_MKEY_MASK},
mask|=SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
#endif
-#ifndef SSL_ALLOW_ENULL
+#ifdef SSL_FORBID_ENULL
mask|=SSL_eNULL;
#endif
}
/* special case */
- cipher_aliases[0].algorithms= ~mask;
+ cipher_aliases[0].algorithms &= ~mask;
/* get the aliases */
k=sizeof(cipher_aliases)/sizeof(SSL_CIPHER);