aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls/tls_policy.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/tls/tls_policy.cpp')
-rw-r--r--src/lib/tls/tls_policy.cpp9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp
index 9646aa320..53ef8e46d 100644
--- a/src/lib/tls/tls_policy.cpp
+++ b/src/lib/tls/tls_policy.cpp
@@ -352,12 +352,19 @@ std::vector<u16bit> Policy::ciphersuite_list(Protocol_Version version,
for(auto&& suite : Ciphersuite::all_known_ciphersuites())
{
- if(!acceptable_ciphersuite(suite))
+ // Can we use it?
+ if(suite.valid() == false)
continue;
+ // Is it acceptable to the policy?
+ if(!this->acceptable_ciphersuite(suite))
+ continue;
+
+ // Are we doing SRP?
if(!have_srp && suite.kex_algo() == "SRP_SHA")
continue;
+ // Are we doing AEAD in a non-AEAD version
if(!version.supports_aead_modes() && suite.mac_algo() == "AEAD")
continue;