From e1b6a169457b267c3e11bbdb9e58e9ab7b3f0136 Mon Sep 17 00:00:00 2001
From: madmaxoft <github@xoft.cz>
Date: Thu, 1 May 2014 11:33:29 +0200
Subject: Added a (disabled) test of low-security ciphersuites.

Enabling this allows the connection to be sniffed and decoded using Wireshark, when given the SSL private key.
---
 src/PolarSSL++/SslContext.cpp | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'src/PolarSSL++/SslContext.cpp')

diff --git a/src/PolarSSL++/SslContext.cpp b/src/PolarSSL++/SslContext.cpp
index 3d2b8cef7..df0219610 100644
--- a/src/PolarSSL++/SslContext.cpp
+++ b/src/PolarSSL++/SslContext.cpp
@@ -70,6 +70,18 @@ int cSslContext::Initialize(bool a_IsClient, const SharedPtr<cCtrDrbgContext> &
 		ssl_set_dbg(&m_Ssl, &SSLDebugMessage, this);
 		ssl_set_verify(&m_Ssl, &SSLVerifyCert, this);
 		*/
+		
+		/*
+		// Set ciphersuite to the easiest one to decode, so that the connection can be wireshark-decoded:
+		static const int CipherSuites[] =
+		{
+			TLS_RSA_WITH_RC4_128_MD5,
+			TLS_RSA_WITH_RC4_128_SHA,
+			TLS_RSA_WITH_AES_128_CBC_SHA,
+			0,  // Must be 0-terminated!
+		};
+		ssl_set_ciphersuites(&m_Ssl, CipherSuites);
+		*/
 	#endif
 	
 	m_IsValid = true;
-- 
cgit v1.2.3