From: Nick Zitzmann <nickzman@gmail.com>
Date: Thu, 3 Oct 2013 02:19:28 +0000 (-0500)
Subject: darwinssl: block TLS_RSA_WITH_NULL_SHA256 cipher
X-Git-Tag: curl-7_33_0~14
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=173160c0d068f1aba390fe6eb2e847af6ae48dca;p=curl

darwinssl: block TLS_RSA_WITH_NULL_SHA256 cipher

Credit (for catching a cipher I forgot to add to the blocked ciphers list):
https://www.ssllabs.com/ssltest/viewMyClient.html
---

diff --git a/lib/curl_darwinssl.c b/lib/curl_darwinssl.c
index 211252f65..43fe05336 100644
--- a/lib/curl_darwinssl.c
+++ b/lib/curl_darwinssl.c
@@ -1330,6 +1330,7 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
         case SSL_NULL_WITH_NULL_NULL:
         case SSL_RSA_WITH_NULL_MD5:
         case SSL_RSA_WITH_NULL_SHA:
+        case 0x003B: /* TLS_RSA_WITH_NULL_SHA256 */
         case SSL_FORTEZZA_DMS_WITH_NULL_SHA:
         case 0xC001: /* TLS_ECDH_ECDSA_WITH_NULL_SHA */
         case 0xC006: /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */