From 988788f697768524f1856d22abb8db340be646d5 Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@openssl.org>
Date: Sat, 6 Mar 1999 12:09:36 +0000
Subject: [PATCH] Permit null ciphers.

---
 CHANGES        | 6 ++++++
 ssl/ssl_ciph.c | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/CHANGES b/CHANGES
index 81bd07e560..e0622f6be5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,12 @@
 
  Changes between 0.9.1c and 0.9.2
 
+  *) Permit null encryption ciphersuites, used for authentication only. It used
+     to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this.
+     It is now necessary to set SSL_FORBID_ENULL to prevent the use of null
+     encryption.
+     [Ben Laurie]
+
   *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder
      signed attributes when verifying signatures (this would break them), 
      the detached data encoding was wrong and public keys obtained using
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 0e9d97aaf0..cb48f36e66 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -353,7 +353,7 @@ char *str;
 	mask|=SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
 #endif
 
-#ifndef SSL_ALLOW_ENULL
+#ifdef SSL_FORBID_ENULL
 	mask|=SSL_eNULL;
 #endif
 
-- 
2.34.1