lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

[TLS] ignore empty "CipherString" in ssl-conf-cmd 

e.g. ssl.openssl.ssl-conf-cmd = ("CipherString" => "")
master
Glenn Strauss 7 months ago
parent
fe02111888
commit
d865d8c330
5 changed files with 7 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      src/mod_gnutls.c
  2. 2
      src/mod_mbedtls.c
  3. 2
      src/mod_nss.c
  4. 4
      src/mod_openssl.c
  5. 2
      src/mod_wolfssl.c

2
src/mod_gnutls.c
View File

@ -3010,7 +3010,7 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
*
* XXX: not done: could make a list of ciphers with bitflag of attributes
* to make future combining easier */
if (cipherstring) {
if (!buffer_string_is_empty(cipherstring)) {
const buffer *b = cipherstring;
const char *e = b->ptr;

2
src/mod_mbedtls.c
View File

@ -3128,7 +3128,7 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
*
* XXX: not done: could make a list of ciphers with bitflag of attributes
* to make future combining easier */
if (cipherstring) {
if (!buffer_string_is_empty(cipherstring)) {
const buffer *b = cipherstring;
const char *e = b->ptr;

2
src/mod_nss.c
View File

@ -3444,7 +3444,7 @@ mod_nss_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *cip
"Ciphersuite support not implemented for %s",
ciphersuites->ptr);
if (!cipherstring)
if (buffer_string_is_empty(cipherstring))
return 1; /* nothing to do */
/*

4
src/mod_openssl.c
View File

@ -1882,6 +1882,8 @@ network_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
if (NULL != ds) {
buffer *cipher_string =
array_get_buf_ptr(s->ssl_conf_cmd, CONST_STR_LEN("CipherString"));
if (buffer_string_is_empty(cipher_string))
buffer_append_string_len(cipher_string, CONST_STR_LEN("HIGH"));
buffer_append_string_len(cipher_string,
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));
}
@ -3660,7 +3662,7 @@ mod_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
rc = -1;
}
if (cipherstring) {
if (!buffer_string_is_empty(cipherstring)) {
/* Disable support for low encryption ciphers */
buffer_append_string_len(cipherstring,
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));

2
src/mod_wolfssl.c
View File

@ -3347,7 +3347,7 @@ mod_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
/* WolfSSL max ver is set at WolfSSL compile-time */
}
if (cipherstring) {
if (!buffer_string_is_empty(cipherstring)) {
/* Disable support for low encryption ciphers */
buffer_append_string_len(cipherstring,
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));

Write Preview
Loading…
Cancel
Save