2
0
mirror of https://github.com/xcat2/xNBA.git synced 2024-12-14 23:31:39 +00:00

tls_change_cipher() can complain about null cipher and digest

algorithms; we only need the pubkey check disabled (and only because
pubkey algorithms are not yet integrated into the crypto_algorithm
subsystem).
This commit is contained in:
Michael Brown 2007-07-30 03:30:27 +01:00
parent 60e3aa4d75
commit 847ac4f336

View File

@ -498,16 +498,14 @@ static int tls_change_cipher ( struct tls_session *tls,
struct tls_cipherspec *pending,
struct tls_cipherspec *active ) {
/* FIXME: Why is this disabled? */
#if 0
/* Sanity check */
if ( ( pending->pubkey == &crypto_null ) ||
if ( /* FIXME (when pubkey is not hard-coded to RSA):
* ( pending->pubkey == &crypto_null ) || */
( pending->cipher == &crypto_null ) ||
( pending->digest == &crypto_null ) ) {
DBGC ( tls, "TLS %p refusing to use null cipher\n", tls );
return -ENOTSUP;
}
#endif
tls_clear_cipher ( tls, active );
memswap ( active, pending, sizeof ( *active ) );