Disable unsupported PSK algorithms

Reviewed-by: Matt Caswell <matt@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2015-06-28 17:09:54 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2015-07-30 14:43:35 +0100
commit: 332a251fd7cca28b1cc34d5ddf26272a352f5299 (patch)
tree: 12bd3ab0ade41502376386669827a8693d09051a /ssl/ssl_ciph.c
parent: 8baac6a224ec194036b43e47b36b642248257b56 (diff)
download: openssl-332a251fd7cca28b1cc34d5ddf26272a352f5299.tar.gz
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index dd325bbaa0..da64301b58 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -495,22 +495,22 @@ void ssl_load_ciphers(void)
     disabled_auth_mask = 0;
 
 #ifdef OPENSSL_NO_RSA
-    disabled_mkey_mask |= SSL_kRSA;
+    disabled_mkey_mask |= SSL_kRSA | SSL_kRSAPSK;
     disabled_auth_mask |= SSL_aRSA;
 #endif
 #ifdef OPENSSL_NO_DSA
     disabled_auth_mask |= SSL_aDSS;
 #endif
 #ifdef OPENSSL_NO_DH
-    disabled_mkey_mask |= SSL_kDHr | SSL_kDHd | SSL_kDHE;
+    disabled_mkey_mask |= SSL_kDHr | SSL_kDHd | SSL_kDHE | SSL_kDHEPSK;
     disabled_auth_mask |= SSL_aDH;
 #endif
 #ifdef OPENSSL_NO_EC
-    disabled_mkey_mask |= SSL_kECDHe | SSL_kECDHr;
+    disabled_mkey_mask |= SSL_kECDHe | SSL_kECDHr | SSL_kECDHEPSK;
     disabled_auth_mask |= SSL_aECDSA | SSL_aECDH;
 #endif
 #ifdef OPENSSL_NO_PSK
-    disabled_mkey_mask |= SSL_kPSK;
+    disabled_mkey_mask |= SSL_PSK;
     disabled_auth_mask |= SSL_aPSK;
 #endif
 #ifdef OPENSSL_NO_SRP
author	Dr. Stephen Henson <steve@openssl.org>	2015-06-28 17:09:54 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2015-07-30 14:43:35 +0100
commit	332a251fd7cca28b1cc34d5ddf26272a352f5299 (patch)
tree	12bd3ab0ade41502376386669827a8693d09051a /ssl/ssl_ciph.c
parent	8baac6a224ec194036b43e47b36b642248257b56 (diff)
download	openssl-332a251fd7cca28b1cc34d5ddf26272a352f5299.tar.gz