diff options
author | Nicola Tuveri <nic.tuv@gmail.com> | 2022-02-22 14:47:11 +0200 |
---|---|---|
committer | Nicola Tuveri <nic.tuv@gmail.com> | 2022-03-02 00:00:14 +0200 |
commit | 1925edb2586e00cc502a325271f5528200dc1914 (patch) | |
tree | df9fe66d900581f996a78cf4b9bdb9977c48bf2a /ssl | |
parent | f5ec705d4ad15767204f301d96d9bfd447b66c24 (diff) |
[ssl] Prefer SSL_k(EC)?DHE to the SSL_kE(EC)?DH alias
`SSL_kECDHE` and `SSL_kEECDH`, and `SSL_kDHE` and `SSL_kEDH` are already
marked as aliases of each other in the headers.
This commit, for each pair, replaces the leftover uses of the latter
synonym with the first one, which is considered more common.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17763)
(cherry picked from commit 66914fc024cfe0fec00dc0f2c7bd8a7957da5ec4)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_lib.c | 12 | ||||
-rw-r--r-- | ssl/ssl_cert.c | 2 |
2 files changed, 7 insertions, 7 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 0ce747bd4c..431d6ad9c7 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -2168,7 +2168,7 @@ static SSL_CIPHER ssl3_ciphers[] = { TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, - SSL_kEDH, + SSL_kDHE, SSL_aDSS, SSL_CAMELLIA128, SSL_SHA256, @@ -2184,7 +2184,7 @@ static SSL_CIPHER ssl3_ciphers[] = { TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, - SSL_kEDH, + SSL_kDHE, SSL_aRSA, SSL_CAMELLIA128, SSL_SHA256, @@ -2200,7 +2200,7 @@ static SSL_CIPHER ssl3_ciphers[] = { TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256, TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256, TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256, - SSL_kEDH, + SSL_kDHE, SSL_aNULL, SSL_CAMELLIA128, SSL_SHA256, @@ -2232,7 +2232,7 @@ static SSL_CIPHER ssl3_ciphers[] = { TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, - SSL_kEDH, + SSL_kDHE, SSL_aDSS, SSL_CAMELLIA256, SSL_SHA256, @@ -2248,7 +2248,7 @@ static SSL_CIPHER ssl3_ciphers[] = { TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, - SSL_kEDH, + SSL_kDHE, SSL_aRSA, SSL_CAMELLIA256, SSL_SHA256, @@ -2264,7 +2264,7 @@ static SSL_CIPHER ssl3_ciphers[] = { TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256, TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256, TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256, - SSL_kEDH, + SSL_kDHE, SSL_aNULL, SSL_CAMELLIA256, SSL_SHA256, diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 21ce168481..70d2468b2b 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -1037,7 +1037,7 @@ static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, return 0; /* Level 3: forward secure ciphersuites only */ if (level >= 3 && c->min_tls != TLS1_3_VERSION && - !(c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH))) + !(c->algorithm_mkey & (SSL_kDHE | SSL_kECDHE))) return 0; break; } |