SSL_kKRB5 ciphersuites shouldn't be preferred by default

author Bodo Möller <bodo@openssl.org>

Tue, 20 Feb 2007 16:39:58 +0000 (16:39 +0000)

committer Bodo Möller <bodo@openssl.org>

Tue, 20 Feb 2007 16:39:58 +0000 (16:39 +0000)
author Bodo Möller <bodo@openssl.org>
Tue, 20 Feb 2007 16:39:58 +0000 (16:39 +0000)
committer Bodo Möller <bodo@openssl.org>
Tue, 20 Feb 2007 16:39:58 +0000 (16:39 +0000)
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c

index fdfc0e8117d3fdd42e1b29fa845624bf23350f26..666d44d34a759569345371c1a471fec88f4e472e 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1196,6 +1196,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
         /* ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); */
         ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
         ssl_cipher_apply_rule(0, SSL_kPSK, 0,0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
+       ssl_cipher_apply_rule(0, SSL_kKRB5, 0,0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
  
         /* RC4 is sort-of broken -- move the the end */
         ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
author	Bodo Möller <bodo@openssl.org>
	Tue, 20 Feb 2007 16:39:58 +0000 (16:39 +0000)
committer	Bodo Möller <bodo@openssl.org>
	Tue, 20 Feb 2007 16:39:58 +0000 (16:39 +0000)