is ECDHE okay?

This commit is contained in:
psyc://psyced.org/~lynX 2011-12-02 20:27:33 +01:00
parent 3f28a395ad
commit a44365a15e

View File

@ -175,7 +175,7 @@ int tls_check_cipher(object sock, string scheme) {
P3(("%O is using the %O cipher.\n", sock, m[TLS_CIPHER])) P3(("%O is using the %O cipher.\n", sock, m[TLS_CIPHER]))
// shouldn't our negotiation have ensured we have PFS? // shouldn't our negotiation have ensured we have PFS?
if (stringp(t = m[TLS_CIPHER]) &&! abbrev("DHE", t)) { if (stringp(t = m[TLS_CIPHER]) &&! (abbrev("DHE", t) || abbrev("ECDHE", t))) {
monitor_report("_warning_circuit_encryption_cipher_details", monitor_report("_warning_circuit_encryption_cipher_details",
object_name(sock) +" · using "+ t +" cipher"); object_name(sock) +" · using "+ t +" cipher");
// we can't expect that degree of privacy from jabber, for now // we can't expect that degree of privacy from jabber, for now