mirror of
https://github.com/xcat2/xNBA.git
synced 2024-12-14 23:31:39 +00:00
tls_change_cipher() can complain about null cipher and digest
algorithms; we only need the pubkey check disabled (and only because pubkey algorithms are not yet integrated into the crypto_algorithm subsystem).
This commit is contained in:
parent
60e3aa4d75
commit
847ac4f336
@ -498,16 +498,14 @@ static int tls_change_cipher ( struct tls_session *tls,
|
||||
struct tls_cipherspec *pending,
|
||||
struct tls_cipherspec *active ) {
|
||||
|
||||
/* FIXME: Why is this disabled? */
|
||||
#if 0
|
||||
/* Sanity check */
|
||||
if ( ( pending->pubkey == &crypto_null ) ||
|
||||
if ( /* FIXME (when pubkey is not hard-coded to RSA):
|
||||
* ( pending->pubkey == &crypto_null ) || */
|
||||
( pending->cipher == &crypto_null ) ||
|
||||
( pending->digest == &crypto_null ) ) {
|
||||
DBGC ( tls, "TLS %p refusing to use null cipher\n", tls );
|
||||
return -ENOTSUP;
|
||||
}
|
||||
#endif
|
||||
|
||||
tls_clear_cipher ( tls, active );
|
||||
memswap ( active, pending, sizeof ( *active ) );
|
||||
|
Loading…
Reference in New Issue
Block a user