6 Sep
2013
6 Sep
'13
10:46
On 05Sep13 15:28 +0200, Florian Westphal wrote:
- # OpenSSL: Select cipher suites used for ssl/tls connections
- # more info at 'man 1ssl ciphers'
- # Example below disallows besides LowStrength, the Medium Strength Cipher Suites, SSLv2
- # RC-4, which tend to be broken
- ;CipherList = !aNULL:!eNULL:!LOW:!SSLv2:!EXPORT:!EXPORT56:!RC4:!MEDIUM:HIGH:@STRENGTH
This patch seems to be inverted...
Florian, thanks for watching at this. The patch attached is now in proper order.
- if (strcasecmp(Var, "CipherList") == 0) {
assert(array_bytes(&Conf_SSLOptions.CipherList) == 0);if (!array_copys(&Conf_SSLOptions.CipherList, Arg))Config_Error(LOG_ERR,This won't work, and the compiler should scream at this. Either CipherList needs to be array type, or this should be something like
if (Conf_SSLOptions.CipherList == NULL) Conf_SSLOptions.CipherList = strdup(Arg);
Right, I changed this, too.
Bastian