eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Adapt programs to new RC4 default

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-03-20 19:44:04 +00:00
parent 849b174e57
commit d42b7c82ef
7 changed files with 34 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

21
programs/ssl/ssl_client2.c
View file

@ -85,7 +85,7 @@
#define DFL_EXCHANGES 1
#define DFL_MIN_VERSION SSL_MINOR_VERSION_1
#define DFL_MAX_VERSION -1
#define DFL_ARC4 SSL_ARC4_DISABLED
#define DFL_ARC4 -1
#define DFL_AUTH_MODE SSL_VERIFY_REQUIRED
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
#define DFL_TRUNC_HMAC -1
@ -249,9 +249,9 @@
USAGE_ETM \
USAGE_RECSPLIT \
"\n" \
" arc4=%%d default: (library default)\n" \
" min_version=%%s default: \"\" (ssl3)\n" \
" max_version=%%s default: \"\" (tls1_2)\n" \
" arc4=%%d default: 0 (disabled)\n" \
" force_version=%%s default: \"\" (none)\n" \
" options: ssl3, tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \
"\n" \
@ -823,6 +823,19 @@ int main( int argc, char *argv[] )
opt.min_version < SSL_MINOR_VERSION_2 )
opt.min_version = SSL_MINOR_VERSION_2;
}
/* Enable RC4 if needed and not explicitly disabled */
if( ciphersuite_info->cipher == POLARSSL_CIPHER_ARC4_128 )
{
if( opt.arc4 == SSL_ARC4_DISABLED )
{
polarssl_printf("forced RC4 ciphersuite with RC4 disabled\n");
ret = 2;
goto usage;
}
opt.arc4 = SSL_ARC4_ENABLED;
}
}
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
@ -1130,10 +1143,10 @@ int main( int argc, char *argv[] )
}
#endif
/* RC4 setting is redundant if we use only one ciphersuite */
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
else
if( opt.arc4 != DFL_ARC4 )
ssl_set_arc4_support( &ssl, opt.arc4 );
if( opt.allow_legacy != DFL_ALLOW_LEGACY )