diff options
Diffstat (limited to 'src/lib/libtls/tls_config.c')
| -rw-r--r-- | src/lib/libtls/tls_config.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/lib/libtls/tls_config.c b/src/lib/libtls/tls_config.c index 6b47eeb8d1..43f06b0063 100644 --- a/src/lib/libtls/tls_config.c +++ b/src/lib/libtls/tls_config.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls_config.c,v 1.21 2016/07/07 14:09:03 jsing Exp $ */ | 1 | /* $OpenBSD: tls_config.c,v 1.22 2016/07/13 16:30:48 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -289,9 +289,13 @@ tls_config_set_ciphers(struct tls_config *config, const char *ciphers) | |||
| 289 | strcasecmp(ciphers, "default") == 0 || | 289 | strcasecmp(ciphers, "default") == 0 || |
| 290 | strcasecmp(ciphers, "secure") == 0) | 290 | strcasecmp(ciphers, "secure") == 0) |
| 291 | ciphers = TLS_CIPHERS_DEFAULT; | 291 | ciphers = TLS_CIPHERS_DEFAULT; |
| 292 | else if (strcasecmp(ciphers, "compat") == 0 || | 292 | else if (strcasecmp(ciphers, "compat") == 0) |
| 293 | strcasecmp(ciphers, "legacy") == 0) | ||
| 294 | ciphers = TLS_CIPHERS_COMPAT; | 293 | ciphers = TLS_CIPHERS_COMPAT; |
| 294 | else if (strcasecmp(ciphers, "legacy") == 0) | ||
| 295 | ciphers = TLS_CIPHERS_LEGACY; | ||
| 296 | else if (strcasecmp(ciphers, "all") == 0 || | ||
| 297 | strcasecmp(ciphers, "insecure") == 0) | ||
| 298 | ciphers = TLS_CIPHERS_ALL; | ||
| 295 | 299 | ||
| 296 | if ((ssl_ctx = SSL_CTX_new(SSLv23_method())) == NULL) { | 300 | if ((ssl_ctx = SSL_CTX_new(SSLv23_method())) == NULL) { |
| 297 | tls_config_set_errorx(config, "out of memory"); | 301 | tls_config_set_errorx(config, "out of memory"); |