Add missing openssl SECLEVEL=0 support (#3890)
Previous SECLEVEL support allowed for levels 1-5. However, openssl defines levels 0-5. [1] Recent openssl versions (3.0+) have moved previous popular ciphers/key lengths (i.e. RSA1024withSHA1) into level 0, so it is now a reasonable choice to use. Add support for level 0. [1] https://www.openssl.org/docs/man3.2/man3/SSL_CTX_set_security_level.html
This commit is contained in:
parent
a974061441
commit
cfde494dc3
|
@ -483,11 +483,12 @@ static pj_str_t ssl_strerror(pj_status_t status,
|
|||
*/
|
||||
static const struct ssl_ciphers_t ADDITIONAL_CIPHERS[] = {
|
||||
{0xFF000000, "DEFAULT"},
|
||||
{0xFF000001, "@SECLEVEL=1"},
|
||||
{0xFF000002, "@SECLEVEL=2"},
|
||||
{0xFF000003, "@SECLEVEL=3"},
|
||||
{0xFF000004, "@SECLEVEL=4"},
|
||||
{0xFF000005, "@SECLEVEL=5"}
|
||||
{0xFF000001, "@SECLEVEL=0"},
|
||||
{0xFF000002, "@SECLEVEL=1"},
|
||||
{0xFF000003, "@SECLEVEL=2"},
|
||||
{0xFF000004, "@SECLEVEL=3"},
|
||||
{0xFF000005, "@SECLEVEL=4"},
|
||||
{0xFF000006, "@SECLEVEL=5"}
|
||||
};
|
||||
static const unsigned int ADDITIONAL_CIPHER_COUNT =
|
||||
sizeof (ADDITIONAL_CIPHERS) / sizeof (ADDITIONAL_CIPHERS[0]);
|
||||
|
|
Loading…
Reference in New Issue