Disable RC4 by default in example programs.

This commit is contained in:
Manuel Pégourié-Gonnard 2015-01-12 14:05:33 +01:00
parent bd47a58221
commit fa06581c73
6 changed files with 11 additions and 0 deletions

View file

@ -3,6 +3,7 @@ PolarSSL ChangeLog (Sorted per branch, date)
= PolarSSL 1.3.10 released ???
Changes
* Example programs for SSL client and server now disable SSLv3 by default.
* Example programs for SSL client and server now disable RC4 by default.
Features
* Add ssl_set_arc4_support() to make it easier to diable RC4 at runtime

View file

@ -170,6 +170,8 @@ int main( int argc, char *argv[] )
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
/* RC4 is deprecated, disable it */
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );

View file

@ -267,6 +267,8 @@ int main( int argc, char *argv[] )
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3,
SSL_MINOR_VERSION_1 );
/* RC4 is deprecated, disable it */
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );

View file

@ -603,6 +603,8 @@ int main( int argc, char *argv[] )
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
/* RC4 is deprecated, disable it */
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );

View file

@ -167,6 +167,8 @@ static void *handle_ssl_connection( void *data )
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
/* RC4 is deprecated, disable it */
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_mutexed_debug, stdout );

View file

@ -200,6 +200,8 @@ int main( int argc, char *argv[] )
/* SSLv3 is deprecated, set minimum to TLS 1.0 */
ssl_set_min_version( &ssl, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1 );
/* RC4 is deprecated, disable it */
ssl_set_arc4_support( &ssl, SSL_ARC4_DISABLED );
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );