adium 5585:8dd676d7398d: Remove the whitelist of cipher suites s...
commits at adium.im
commits at adium.im
Tue Jun 25 00:24:34 UTC 2013
details: http://hg.adium.im/adium/rev/8dd676d7398d
revision: 5585:8dd676d7398d
branch: adium-1.6
author: Thijs Alkemade <me at thijsalkema.de>
date: Tue Jun 25 02:24:24 2013 +0200
Remove the whitelist of cipher suites supported by Adium. This list is badly outdated; anyone still suffering from #12913 should have updated their server by now.
Also, SSL_RSA_WITH_NULL_MD5 being in there is RETARDED.
diffs (55 lines):
diff -r 1031c3d6b70e -r 8dd676d7398d Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c
--- a/Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c Sat Jun 22 00:40:15 2013 -0400
+++ b/Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c Tue Jun 25 02:24:24 2013 +0200
@@ -361,50 +361,7 @@
purple_ssl_close(gsc);
return;
}
-
- /*
- * Disable ciphers that confuse some servers
- */
- SSLCipherSuite ciphers[27] = {
- TLS_RSA_WITH_AES_128_CBC_SHA,
- SSL_RSA_WITH_RC4_128_SHA,
- SSL_RSA_WITH_RC4_128_MD5,
- TLS_RSA_WITH_AES_256_CBC_SHA,
- SSL_RSA_WITH_3DES_EDE_CBC_SHA,
- SSL_RSA_WITH_3DES_EDE_CBC_MD5,
- SSL_RSA_WITH_DES_CBC_SHA,
- SSL_RSA_EXPORT_WITH_RC4_40_MD5,
- SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
- SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
- SSL_DHE_DSS_WITH_DES_CBC_SHA,
- SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
- TLS_DH_anon_WITH_AES_128_CBC_SHA,
- TLS_DH_anon_WITH_AES_256_CBC_SHA,
- SSL_DH_anon_WITH_RC4_128_MD5,
- SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
- SSL_DH_anon_WITH_DES_CBC_SHA,
- SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,
- SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
- SSL_RSA_WITH_NULL_MD5,
- };
- err = (OSStatus)SSLSetEnabledCiphers(cdsa_data->ssl_ctx, ciphers, sizeof(ciphers) / sizeof(SSLCipherSuite));
- if (err != noErr) {
- purple_debug_error("cdsa", "SSLSetEnabledCiphers failed\n");
- if (gsc->error_cb != NULL)
- gsc->error_cb(gsc, PURPLE_SSL_HANDSHAKE_FAILED,
- gsc->connect_cb_data);
-
- purple_ssl_close(gsc);
- return;
- }
-
+
if (purple_account_get_bool(account, PURPLE_SSL_CDSA_BUGGY_TLS_WORKAROUND, false)) {
purple_debug_info("cdsa", "Explicitly disabling TLS 1.1 and above to try and work around buggy TLS stacks\n");
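Review bot: With the `SSLSetEnabledCiphers` call removed, nothing visible in this hunk constrains the cipher suite list any more, so the connection presumably negotiates from whatever Secure Transport enables by default on the running OS version. The removed list itself carried anonymous-DH, export-grade and NULL suites, and the hunk does not show that the defaults exclude those classes. At minimum, record the decision where the block used to be, e.g. `/* Cipher suites are left at the Secure Transport defaults; no weak-suite filtering is done here. */`. A stronger follow-up would read the supported set with `SSLGetSupportedCiphers`, drop the NULL, anon and EXPORT entries, and pass the remainder to `SSLSetEnabledCiphers`. The enclosing function starts and ends outside the hunk, and the trailing context looks one line short of what the `@@` header declares, so later code may already address this.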