Filter more disallowed openssl ciphers thanks to @gene-git #641

the-djmaze · Nov 9, 2022 · 8f37226 · 8f37226
1 parent 1d62920
commit 8f37226
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php b/snappymail/v/0.0.0/app/libraries/snappymail/crypt.php
@@ -18,7 +18,8 @@ public static function listCiphers() : array
 			$list = \array_diff($list, \array_map('strtoupper',$list));
 			$list = \array_filter($list, function($v){
 				// DES/ECB/bf/rc insecure, GCM/CCM not supported
-				return !\preg_match('/(^(des|bf|rc))|-(ecb|gcm|ccm|ocb)|wrap/i', $v);
+				// AEAD
+				return !\preg_match('/(^(des|bf|rc))|-(ecb|gcm|ccm|ocb|siv|cts)|wrap/i', $v);
 			});
 			\natcasesort($list);
 		}