diff options
author | Bodo Möller <bodo@openssl.org> | 2005-11-15 23:32:11 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2005-11-15 23:32:11 +0000 |
commit | d804f86b88f8d45edd71f51713a56f8af9af4fed (patch) | |
tree | 13dc39cc426cb0432f42e699d884c9a827aa0108 /ssl/tls1.h | |
parent | 8dee9f844f8f22e74d00dff43043732ef1e1fe15 (diff) |
disable some invalid ciphersuites
Diffstat (limited to 'ssl/tls1.h')
-rw-r--r-- | ssl/tls1.h | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/ssl/tls1.h b/ssl/tls1.h index be15445384..112ef3a99f 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -97,12 +97,13 @@ extern "C" { #define TLS1_AD_USER_CANCELLED 90 #define TLS1_AD_NO_RENEGOTIATION 100 -/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt +/* Additional TLS ciphersuites from expired Internet Draft + * draft-ietf-tls-56-bit-ciphersuites-01.txt * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably - * shouldn't. */ -#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060 -#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061 + * shouldn't. Note that the first two are actually not in the IDs. */ +#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060 /* not in ID */ +#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061 /* not in ID */ #define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062 #define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063 #define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064 |