Restore the NULL-SHA ciphersuite. (Alas.) Change-Id: Ia5398f3b86a13fb20dba053f730b51a0e57b9aa4 Reviewed-on: https://boringssl-review.googlesource.com/5791 Reviewed-by: Adam Langley <agl@google.com>

commit: af096751e8d1cae9a570990b49b12527317c0003 [log] [tgz]
author: Matt Braithwaite <mab@google.com> Wed Sep 02 19:48:16 2015 -0700
committer: Adam Langley <agl@google.com> Fri Sep 11 22:18:08 2015 +0000
tree: 3ba157d8840cef2c5921420ae63fc7272babd998
parent: 4fac72e638c896c9fa30f5c6cd2fd7246f28f49e [diff] [blame]
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 2dc55d6..db8a536 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c

@@ -152,8 +152,9 @@
 }
 
 int dtls1_supports_cipher(const SSL_CIPHER *cipher) {
-  /* DTLS does not support stream ciphers. */
-  return cipher->algorithm_enc != SSL_RC4;
+  /* DTLS does not support stream ciphers. The NULL cipher is rejected because
+   * it's not needed. */
+  return cipher->algorithm_enc != SSL_RC4 && cipher->algorithm_enc != SSL_eNULL;
 }
 
 void dtls1_start_timer(SSL *s) {
commit	af096751e8d1cae9a570990b49b12527317c0003	[log] [tgz]
author	Matt Braithwaite <mab@google.com>	Wed Sep 02 19:48:16 2015 -0700
committer	Adam Langley <agl@google.com>	Fri Sep 11 22:18:08 2015 +0000
tree	3ba157d8840cef2c5921420ae63fc7272babd998
parent	4fac72e638c896c9fa30f5c6cd2fd7246f28f49e [diff] [blame]