Permit null ciphers.

author Ben Laurie <ben@openssl.org>

Sat, 6 Mar 1999 12:09:36 +0000 (12:09 +0000)

committer Ben Laurie <ben@openssl.org>

Sat, 6 Mar 1999 12:09:36 +0000 (12:09 +0000)
author Ben Laurie <ben@openssl.org>
Sat, 6 Mar 1999 12:09:36 +0000 (12:09 +0000)
committer Ben Laurie <ben@openssl.org>
Sat, 6 Mar 1999 12:09:36 +0000 (12:09 +0000)
diff --git a/CHANGES b/CHANGES

index 81bd07e5601cd93a9fbd2b7a18176d7856077d59..e0622f6be5cd464e752f23ffbe6be42600657630 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,12 @@
  
   Changes between 0.9.1c and 0.9.2
  
+  *) Permit null encryption ciphersuites, used for authentication only. It used
+     to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this.
+     It is now necessary to set SSL_FORBID_ENULL to prevent the use of null
+     encryption.
+     [Ben Laurie]
+
    *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder
       signed attributes when verifying signatures (this would break them), 
       the detached data encoding was wrong and public keys obtained using
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c

index 0e9d97aaf09e920de218faf0902953a8815b6c3c..cb48f36e66c403d9457f83d88fcf73fcf85e56ab 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -353,7 +353,7 @@ char *str;
         mask|=SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
  #endif
  
-#ifndef SSL_ALLOW_ENULL
+#ifdef SSL_FORBID_ENULL
         mask|=SSL_eNULL;
  #endif
author	Ben Laurie <ben@openssl.org>
	Sat, 6 Mar 1999 12:09:36 +0000 (12:09 +0000)
committer	Ben Laurie <ben@openssl.org>
	Sat, 6 Mar 1999 12:09:36 +0000 (12:09 +0000)
CHANGES		patch \| blob \| history
ssl/ssl_ciph.c		patch \| blob \| history