Add Camellia ciphersuites from RFC 4132.

Fix Ciphersuite_Preference_Ordering which treated two ciphersuites with the same algos but different keylengths as equivalent, causing them to be lost. Always prefer the longer key.
author: lloyd <[email protected]> 2012-01-28 07:09:26 +0000
committer: lloyd <[email protected]> 2012-01-28 07:09:26 +0000
commit: ee7f6c030776c17a47e9d4f12e59aad86366e0da (patch)
tree: a1a613ca624268f709b4e10ce474b2b4fc7e604f /src/tls/tls_policy.cpp
parent: ada0998533c7b6b8eb782c494f8efdf5b6f7f712 (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp
index f0ad89a6a..805e0ca38 100644
--- a/src/tls/tls_policy.cpp
+++ b/src/tls/tls_policy.cpp
@@ -23,7 +23,8 @@ std::vector<std::string> Policy::allowed_ciphers() const
    allowed.push_back("AES-128");
    allowed.push_back("3DES");
    allowed.push_back("ARC4");
-   // Note that SEED and IDEA are not included by default
+
+   // Note that Camellia, SEED and IDEA are not included by default
 
    return allowed;
    }
@@ -121,6 +122,14 @@ class Ciphersuite_Preference_Ordering
                }
             }
 
+         if(a.cipher_keylen() != b.cipher_keylen())
+            {
+            if(a.cipher_keylen() < b.cipher_keylen())
+               return false;
+            if(a.cipher_keylen() > b.cipher_keylen())
+               return true;
+            }
+
          if(a.sig_algo() != b.sig_algo())
             {
             for(size_t i = 0; i != m_sigs.size(); ++i)
author	lloyd <[email protected]>	2012-01-28 07:09:26 +0000
committer	lloyd <[email protected]>	2012-01-28 07:09:26 +0000
commit	ee7f6c030776c17a47e9d4f12e59aad86366e0da (patch)
tree	a1a613ca624268f709b4e10ce474b2b4fc7e604f /src/tls/tls_policy.cpp
parent	ada0998533c7b6b8eb782c494f8efdf5b6f7f712 (diff)