diff options
author | Kurt Roeckx <kurt@roeckx.be> | 2016-03-08 20:26:38 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2016-03-09 19:10:28 +0100 |
commit | ca3895f0b52628df29bcf87e139971904f4b9b28 (patch) | |
tree | a8c7b5762dced9633219355017ae7d12ffb76c85 /ssl/d1_lib.c | |
parent | 82478521aace0ac91221ed451fceeadc007def9d (diff) | |
download | openssl-ca3895f0b52628df29bcf87e139971904f4b9b28.tar.gz |
Move disabling of RC4 for DTLS to the cipher list.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
Diffstat (limited to 'ssl/d1_lib.c')
-rw-r--r-- | ssl/d1_lib.c | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index d9c4ec6503..f2daaf2fd2 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -274,25 +274,6 @@ long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg) return (ret); } -/* - * As it's impossible to use stream ciphers in "datagram" mode, this - * simple filter is designed to disengage them in DTLS. Unfortunately - * there is no universal way to identify stream SSL_CIPHER, so we have - * to explicitly list their SSL_* codes. Currently RC4 is the only one - * available, but if new ones emerge, they will have to be added... - */ -const SSL_CIPHER *dtls1_get_cipher(unsigned int u) -{ - const SSL_CIPHER *ciph = ssl3_get_cipher(u); - - if (ciph != NULL) { - if (ciph->algorithm_enc == SSL_RC4) - return NULL; - } - - return ciph; -} - void dtls1_start_timer(SSL *s) { #ifndef OPENSSL_NO_SCTP |