diff options
author | Steffan Karger <steffan@karger.me> | 2014-01-03 21:03:02 +0100 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2014-01-05 18:35:18 +0100 |
commit | e83313a8ba92684a660c9d78c536699f67dcdf63 (patch) | |
tree | 1351cddb1a2e06952723273f3eedc2ef31c59609 /src/openvpn/ssl.c | |
parent | 69e03f4cd4971c8748faa83be45c89694d4b7a51 (diff) | |
download | openvpn-e83313a8ba92684a660c9d78c536699f67dcdf63.tar.gz openvpn-e83313a8ba92684a660c9d78c536699f67dcdf63.tar.xz openvpn-e83313a8ba92684a660c9d78c536699f67dcdf63.zip |
Make tls_ctx_restrict_ciphers accept NULL as char *cipher_list.
This adds some ifs to check for NULL in tls_ctx_restrict_ciphers() to
prepare
for disabling export ciphers by default in OpenVPN 2.4+.
Also let tls_ctx_restrict_ciphers always be called, also when *cipher_list
is
NULL.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <52C8922E.3030607@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8173
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/ssl.c')
-rw-r--r-- | src/openvpn/ssl.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index bd19d75..93222c4 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -543,10 +543,7 @@ init_ssl (const struct options *options, struct tls_root_ctx *new_ctx) } /* Allowable ciphers */ - if (options->cipher_list) - { - tls_ctx_restrict_ciphers(new_ctx, options->cipher_list); - } + tls_ctx_restrict_ciphers(new_ctx, options->cipher_list); #ifdef ENABLE_CRYPTO_POLARSSL /* Personalise the random by mixing in the certificate */ |