diff options
| author | Michael Brown | 2007-07-30 04:30:27 +0200 |
|---|---|---|
| committer | Michael Brown | 2007-07-30 04:30:27 +0200 |
| commit | 847ac4f3363ebdc4e2eb4fa462a09443256a1c38 (patch) | |
| tree | e69fd1320740cfd97a6252900531aee31d894bc1 /src/net | |
| parent | Change #warnings to FIXMEs, so that we can build without NO_WERROR=1 (diff) | |
| download | ipxe-847ac4f3363ebdc4e2eb4fa462a09443256a1c38.tar.gz ipxe-847ac4f3363ebdc4e2eb4fa462a09443256a1c38.tar.xz ipxe-847ac4f3363ebdc4e2eb4fa462a09443256a1c38.zip | |
tls_change_cipher() can complain about null cipher and digest
algorithms; we only need the pubkey check disabled (and only because
pubkey algorithms are not yet integrated into the crypto_algorithm
subsystem).
Diffstat (limited to 'src/net')
| -rw-r--r-- | src/net/tls.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/src/net/tls.c b/src/net/tls.c index dcdb66014..64e44b55d 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -498,16 +498,14 @@ static int tls_change_cipher ( struct tls_session *tls, struct tls_cipherspec *pending, struct tls_cipherspec *active ) { - /* FIXME: Why is this disabled? */ -#if 0 /* Sanity check */ - if ( ( pending->pubkey == &crypto_null ) || + if ( /* FIXME (when pubkey is not hard-coded to RSA): + * ( pending->pubkey == &crypto_null ) || */ ( pending->cipher == &crypto_null ) || ( pending->digest == &crypto_null ) ) { DBGC ( tls, "TLS %p refusing to use null cipher\n", tls ); return -ENOTSUP; } -#endif tls_clear_cipher ( tls, active ); memswap ( active, pending, sizeof ( *active ) ); |