[TLS] ignore empty "CipherString" in ssl-conf-cmd
e.g. ssl.openssl.ssl-conf-cmd = ("CipherString" => "")
This commit is contained in:
parent
fe02111888
commit
d865d8c330
|
@ -3010,7 +3010,7 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
|
|||
*
|
||||
* XXX: not done: could make a list of ciphers with bitflag of attributes
|
||||
* to make future combining easier */
|
||||
if (cipherstring) {
|
||||
if (!buffer_string_is_empty(cipherstring)) {
|
||||
const buffer *b = cipherstring;
|
||||
const char *e = b->ptr;
|
||||
|
||||
|
|
|
@ -3128,7 +3128,7 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
|
|||
*
|
||||
* XXX: not done: could make a list of ciphers with bitflag of attributes
|
||||
* to make future combining easier */
|
||||
if (cipherstring) {
|
||||
if (!buffer_string_is_empty(cipherstring)) {
|
||||
const buffer *b = cipherstring;
|
||||
const char *e = b->ptr;
|
||||
|
||||
|
|
|
@ -3444,7 +3444,7 @@ mod_nss_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *cip
|
|||
"Ciphersuite support not implemented for %s",
|
||||
ciphersuites->ptr);
|
||||
|
||||
if (!cipherstring)
|
||||
if (buffer_string_is_empty(cipherstring))
|
||||
return 1; /* nothing to do */
|
||||
|
||||
/*
|
||||
|
|
|
@ -1882,6 +1882,8 @@ network_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
|
|||
if (NULL != ds) {
|
||||
buffer *cipher_string =
|
||||
array_get_buf_ptr(s->ssl_conf_cmd, CONST_STR_LEN("CipherString"));
|
||||
if (buffer_string_is_empty(cipher_string))
|
||||
buffer_append_string_len(cipher_string, CONST_STR_LEN("HIGH"));
|
||||
buffer_append_string_len(cipher_string,
|
||||
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));
|
||||
}
|
||||
|
@ -3660,7 +3662,7 @@ mod_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
|
|||
rc = -1;
|
||||
}
|
||||
|
||||
if (cipherstring) {
|
||||
if (!buffer_string_is_empty(cipherstring)) {
|
||||
/* Disable support for low encryption ciphers */
|
||||
buffer_append_string_len(cipherstring,
|
||||
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));
|
||||
|
|
|
@ -3347,7 +3347,7 @@ mod_openssl_ssl_conf_cmd (server *srv, plugin_config_socket *s)
|
|||
/* WolfSSL max ver is set at WolfSSL compile-time */
|
||||
}
|
||||
|
||||
if (cipherstring) {
|
||||
if (!buffer_string_is_empty(cipherstring)) {
|
||||
/* Disable support for low encryption ciphers */
|
||||
buffer_append_string_len(cipherstring,
|
||||
CONST_STR_LEN(":!aNULL:!eNULL:!EXP"));
|
||||
|
|
Loading…
Reference in New Issue