diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-06-09 12:03:12 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2014-06-09 12:09:49 +0100 |
| commit | 18c7f2fce8a82b13506cac7ca69fc333baf76408 (patch) | |
| tree | fce0591274bfe89d42372a2c31de7be93564e2ef /ssl | |
| parent | 6a8d6f039a5ea053d292f03f15f291d4c9cda1f6 (diff) | |
SRP ciphersuite correction.
SRP ciphersuites do not have no authentication. They have authentication
based on SRP. Add new SRP authentication flag and cipher string.
(cherry picked from commit a86b88acc373ac1fb0ca709a5fb8a8fa74683f67)
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/s3_lib.c | 6 | ||||
| -rw-r--r-- | ssl/ssl.h | 1 | ||||
| -rw-r--r-- | ssl/ssl_ciph.c | 4 | ||||
| -rw-r--r-- | ssl/ssl_locl.h | 1 |
4 files changed, 9 insertions, 3 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 36dd1f6524..4835bef1a7 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -2426,7 +2426,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_3DES, SSL_SHA1, SSL_TLSV1, @@ -2474,7 +2474,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_AES128, SSL_SHA1, SSL_TLSV1, @@ -2522,7 +2522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, SSL_kSRP, - SSL_aNULL, + SSL_aSRP, SSL_AES256, SSL_SHA1, SSL_TLSV1, @@ -264,6 +264,7 @@ extern "C" { #define SSL_TXT_aGOST94 "aGOST94" #define SSL_TXT_aGOST01 "aGOST01" #define SSL_TXT_aGOST "aGOST" +#define SSL_TXT_aSRP "aSRP" #define SSL_TXT_DSS "DSS" #define SSL_TXT_DH "DH" diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 0aba8e048c..06da26acc5 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -270,6 +270,7 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0}, {0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0}, {0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0}, + {0,SSL_TXT_aSRP,0, 0,SSL_aSRP, 0,0,0,0,0,0,0}, /* aliases combining key exchange and server authentication */ {0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0}, @@ -1628,6 +1629,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_aPSK: au="PSK"; break; + case SSL_aSRP: + au="SRP"; + break; default: au="unknown"; break; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index e485907748..eb4d8f2fa9 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -311,6 +311,7 @@ #define SSL_aPSK 0x00000080L /* PSK auth */ #define SSL_aGOST94 0x00000100L /* GOST R 34.10-94 signature auth */ #define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */ +#define SSL_aSRP 0x00000400L /* SRP auth */ /* Bits for algorithm_enc (symmetric encryption) */ |