adium/adium

I don't dare to completely transplant 8dd676d7398d just before the release, but at least removing the worst cipheres.
adium-1.5.7
2013-06-25, Thijs Alkemade
f0897fb5fb95
Parents f378111148c4
Children f2a250f6801f
I don't dare to completely transplant 8dd676d7398d just before the release, but at least removing the worst cipheres.

* Using any anonymous cipher will crash Adium during cert verification.
* Did I mention SSL_RSA_WITH_NULL_MD5 is RETARDED?
1 files changed, 2 insertions(+), 10 deletions(-)
  • +2 -10
    Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c
    • --- a/Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c Tue Jun 25 21:41:03 2013 +0200
    +++ b/Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c Tue Jun 25 22:55:21 2013 +0200
    @@ -365,7 +365,7 @@
    /*
    * Disable ciphers that confuse some servers
    */
    - SSLCipherSuite ciphers[27] = {
    + SSLCipherSuite ciphers[] = {
    TLS_RSA_WITH_AES_128_CBC_SHA,
    SSL_RSA_WITH_RC4_128_SHA,
    SSL_RSA_WITH_RC4_128_MD5,
    @@ -384,15 +384,7 @@
    SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
    SSL_DHE_DSS_WITH_DES_CBC_SHA,
    - SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
    - TLS_DH_anon_WITH_AES_128_CBC_SHA,
    - TLS_DH_anon_WITH_AES_256_CBC_SHA,
    - SSL_DH_anon_WITH_RC4_128_MD5,
    - SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
    - SSL_DH_anon_WITH_DES_CBC_SHA,
    - SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,
    - SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
    - SSL_RSA_WITH_NULL_MD5,
    + SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
    };
    err = (OSStatus)SSLSetEnabledCiphers(cdsa_data->ssl_ctx, ciphers, sizeof(ciphers) / sizeof(SSLCipherSuite));
    if (err != noErr) {