diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2015-06-17 11:12:40 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2015-07-22 11:31:36 -0400 |
| commit | 63eb1f4c6ef8c1bb68afbfc5fba8762d50c1a0a8 (patch) | |
| tree | c6d24281e56eafd81817108dae83cc8d63f39d5b /nss_engine_kernel.c | |
| parent | b77f4c23aa0f8af00d119299339d0f766a071e48 (diff) | |
| download | mod_nss-63eb1f4c6ef8c1bb68afbfc5fba8762d50c1a0a8.tar.gz mod_nss-63eb1f4c6ef8c1bb68afbfc5fba8762d50c1a0a8.tar.xz mod_nss-63eb1f4c6ef8c1bb68afbfc5fba8762d50c1a0a8.zip | |
Fix logical AND support in OpenSSL cipher compatibility
The + operator didn't perform properly at all. It is supposed
to be used either for logical AND to combine two cipher suites
or to move ciphers to the end of the list. Given that NSS
doesn't support cipher ordering + is a no-op in this case.
Also add in a slew of missing aliases: kRSA, aRSA, EDH,
ECDH, kECDHe, kECDHr, kEECDH, aECDH, aNULL, AESGCM, AES128,
AES256, CAMELLIA, CAMELLIA128, CAMELLIA256.
Fix the definition of TLSv1.2.
Define some ciphers as unimplemented in NSS.
Renumber the mask/protocol/strength values to ensure uniqueness.
Replace the existing cipher test to one that compares the output
of the NSS-generated cipher string with the openssl generated
string. There are a lot of restrictions on the openssl string
since so much isn't either implemented or needed for mod_nss.
Add a new openssl-compatible cipher request test to the server
tests.
Diffstat (limited to 'nss_engine_kernel.c')
0 files changed, 0 insertions, 0 deletions