diff options
author | Dmitry Belyavsky <beldmit@gmail.com> | 2016-05-11 21:00:12 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-05-12 12:02:38 +0100 |
commit | 48c16012e743a31c42d823a75bc3cb72b8fad85f (patch) | |
tree | 88509d19329ed9948db22b1ca69494a75b99a286 /ssl/s3_lib.c | |
parent | 7c0ef8431845ea741012a5a6ff7063dca801fadd (diff) |
Don't use GOST ciphersuites with DTLS.
RT#4438
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
Diffstat (limited to 'ssl/s3_lib.c')
-rw-r--r-- | ssl/s3_lib.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 9064abb7ce..5d5293e1fc 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -2506,7 +2506,7 @@ static SSL_CIPHER ssl3_ciphers[] = SSL_eGOST2814789CNT, SSL_GOST89MAC, TLS1_VERSION, TLS1_2_VERSION, - DTLS1_VERSION, DTLS1_2_VERSION, + 0, 0, SSL_HIGH, SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 256, @@ -2521,7 +2521,7 @@ static SSL_CIPHER ssl3_ciphers[] = SSL_eNULL, SSL_GOST94, TLS1_VERSION, TLS1_2_VERSION, - DTLS1_VERSION, DTLS1_2_VERSION, + 0, 0, SSL_STRONG_NONE, SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 0, @@ -2536,7 +2536,7 @@ static SSL_CIPHER ssl3_ciphers[] = SSL_eGOST2814789CNT12, SSL_GOST89MAC12, TLS1_VERSION, TLS1_2_VERSION, - DTLS1_VERSION, DTLS1_2_VERSION, + 0, 0, SSL_HIGH, SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, 256, @@ -2551,7 +2551,7 @@ static SSL_CIPHER ssl3_ciphers[] = SSL_eNULL, SSL_GOST12_256, TLS1_VERSION, TLS1_2_VERSION, - DTLS1_VERSION, DTLS1_2_VERSION, + 0, 0, SSL_STRONG_NONE, SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, 0, |