adium 5594:f0897fb5fb95: I don't dare to completely transplant 8...

[commits at adium.im]

details:	http://hg.adium.im/adium/rev/f0897fb5fb95
revision:	5594:f0897fb5fb95
branch:		adium-1.5.7
author:		Thijs Alkemade <me at thijsalkema.de>
date:		Tue Jun 25 22:55:21 2013 +0200

I don't dare to completely transplant 8dd676d7398d just before the release, but at least removing the worst cipheres.

* Using any anonymous cipher will crash Adium during cert verification.
* Did I mention SSL_RSA_WITH_NULL_MD5 is RETARDED?

diffs (29 lines):

diff -r f378111148c4 -r f0897fb5fb95 Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c
--- a/Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c	Tue Jun 25 21:41:03 2013 +0200
+++ b/Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c	Tue Jun 25 22:55:21 2013 +0200
@@ -365,7 +365,7 @@
     /*
      * Disable ciphers that confuse some servers
      */
-    SSLCipherSuite ciphers[27] = {
+    SSLCipherSuite ciphers[] = {
         TLS_RSA_WITH_AES_128_CBC_SHA,
         SSL_RSA_WITH_RC4_128_SHA,
         SSL_RSA_WITH_RC4_128_MD5,
@@ -384,15 +384,7 @@
         SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
         SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
         SSL_DHE_DSS_WITH_DES_CBC_SHA,
-        SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
-        TLS_DH_anon_WITH_AES_128_CBC_SHA,
-        TLS_DH_anon_WITH_AES_256_CBC_SHA,
-        SSL_DH_anon_WITH_RC4_128_MD5,
-        SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
-        SSL_DH_anon_WITH_DES_CBC_SHA,
-        SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,
-        SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
-        SSL_RSA_WITH_NULL_MD5,
+        SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
     };
     err = (OSStatus)SSLSetEnabledCiphers(cdsa_data->ssl_ctx, ciphers, sizeof(ciphers) / sizeof(SSLCipherSuite));
     if (err != noErr) {