diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-03-08 11:48:28 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-03-08 11:50:42 +0100 |
| commit | 1cc6115863c976c2441f793fc3e4c294ccacce48 (patch) | |
| tree | 4acb5487e93856cdc51af5173053c8eaadcb8580 | |
| parent | cffe25b1097a4695c984c45996d62fcfeef8c51b (diff) | |
| download | gnutls-1cc6115863c976c2441f793fc3e4c294ccacce48.tar.gz | |
priority: do not enable HMAC-MD5 by default
While HMAC-MD5 is not yet broken, it is not used by any non-broken
or non-NULL ciphersuites (is only used with NULL and RC4), and as there
is not plan to introduce new ciphersuites with that MAC algorithm, there
is no point to include it in the default set of allowed algorithms.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | lib/priority.c | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/lib/priority.c b/lib/priority.c index 04aba86943..ade96c730c 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -414,7 +414,6 @@ static const int mac_priority_normal_default[] = { GNUTLS_MAC_SHA256, GNUTLS_MAC_SHA384, GNUTLS_MAC_AEAD, - GNUTLS_MAC_MD5, 0 }; |