author | lloyd <[email protected]> | 2012-01-24 13:53:23 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-01-24 13:53:23 +0000 |
commit | 99eafeb061d9f8c55ff7c6c7c2caa2be3d89a25a (patch) | |
tree | 9a350a12c34b0722e02d39786baefb7371606d49 /src/tls/tls_policy.cpp | |
parent | fdd56bed26a37177eeccb7df25f2eeae8a324d2b (diff) |
Cleanup
Diffstat (limited to 'src/tls/tls_policy.cpp')
-rw-r--r-- | src/tls/tls_policy.cpp | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp index ca6286b72..277f1a64d 100644 --- a/src/tls/tls_policy.cpp +++ b/src/tls/tls_policy.cpp @@ -40,8 +40,8 @@ std::vector<std::string> Policy::allowed_hashes() const std::vector<std::string> Policy::allowed_key_exchange_methods() const { std::vector<std::string> allowed; - //allowed.push_back("ECDH"); //allowed.push_back("SRP"); + //allowed.push_back("ECDH"); allowed.push_back("DH"); allowed.push_back(""); // means RSA via server cert return allowed; @@ -188,26 +188,26 @@ u16bit Policy::choose_suite(const std::vector<u16bit>& client_suites, { for(size_t i = 0; i != client_suites.size(); ++i) { - u16bit suite_id = client_suites[i]; + const u16bit suite_id = client_suites[i]; Ciphersuite suite = Ciphersuite::lookup_ciphersuite(suite_id); + if(suite.cipher_keylen() == 0) continue; // not a ciphersuite we know - if(!have_srp && suite.kex_algo() == "SRP") - continue; - if(suite.kex_algo() == "ECDH") continue; // not currently supported - if(suite.kex_algo() == "ECDH") - continue; // not yet supported - if(suite.sig_algo() == "RSA" && have_rsa) return suite_id; - else if(suite.sig_algo() == "DSA" && have_dsa) + + if(suite.sig_algo() == "DSA" && have_dsa) return suite_id; + + if(suite.kex_algo() == "SRP" && have_srp) + return suite_id; + #if 0 - else if(suite.sig_algo() == "") // anonymous server + if(suite.sig_algo() == "") // anonymous server return suite_id; #endif } |
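Review bot: In the second hunk, choose_suite no longer skips SRP key-exchange suites when have_srp is false: the removed `if(!have_srp && suite.kex_algo() == "SRP") continue;` ran before the signature checks, while the new `kex_algo() == "SRP" && have_srp` test only comes after them. A suite whose key exchange is SRP and whose signature algorithm is RSA or DSA now returns from the `sig_algo()` branches whenever have_rsa or have_dsa is set, so the server can pick a key exchange it is not configured for, which is a behaviour change beyond the "Cleanup" title. Putting the skip back ahead of the signature checks, `if(suite.kex_algo() == "SRP" && !have_srp) continue;`, restores the old filtering while keeping the new positive SRP branch. Whether lookup_ciphersuite actually yields such mixed suites is not visible here, and the function's parameter list and closing lines lie outside the hunk.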