diff options
author | Kurt Roeckx <kurt@roeckx.be> | 2016-03-03 22:02:58 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2016-03-04 18:48:03 +0100 |
commit | 1510b5f7ca8d06d2ea5966f645dce72a17b1b9c5 (patch) | |
tree | f2bf45333936008ec53cd71942dbb43697acd618 /ssl | |
parent | 5b7af0dd6c9315ca76fba16813b66f5792c7fe6e (diff) |
Don't mark the eNULL ciphers as non-default.
They're not part of ALL, so they're not part of COMPLEMENTOFDEFAULT
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR: #2202
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_lib.c | 38 | ||||
-rw-r--r-- | ssl/ssl_ciph.c | 2 |
2 files changed, 20 insertions, 20 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index f1ea55aea9..c9b27eba4b 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -172,7 +172,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_MD5, SSL_SSLV3, - SSL_NOT_DEFAULT | SSL_STRONG_NONE, + SSL_STRONG_NONE, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -188,7 +188,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA1, SSL_SSLV3, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -338,7 +338,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA1, SSL_SSLV3, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -353,7 +353,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA1, SSL_SSLV3, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -368,7 +368,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA1, SSL_SSLV3, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -512,7 +512,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA256, SSL_TLSV1_2, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -740,7 +740,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_GOST94, SSL_TLSV1, - SSL_NOT_DEFAULT | SSL_STRONG_NONE, + SSL_STRONG_NONE, SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 0, 0 @@ -1354,7 +1354,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA256, SSL_TLSV1, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -1370,7 +1370,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA384, SSL_TLSV1, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 0, 0, @@ -1418,7 +1418,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA256, SSL_TLSV1, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -1434,7 +1434,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA384, SSL_TLSV1, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 0, 0, @@ -1482,7 +1482,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA256, SSL_TLSV1, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -1498,7 +1498,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA384, SSL_TLSV1, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 0, 0, @@ -1649,7 +1649,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA1, SSL_SSLV3, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -1731,7 +1731,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA1, SSL_SSLV3, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -1813,7 +1813,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA1, SSL_SSLV3, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -2275,7 +2275,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA1, SSL_SSLV3, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -2291,7 +2291,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA256, SSL_TLSV1, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, 0, @@ -2307,7 +2307,7 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_eNULL, SSL_SHA384, SSL_TLSV1, - SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS, + SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 0, 0, diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 9fbdc543fa..376b7b62d5 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -296,7 +296,7 @@ static const SSL_CIPHER cipher_aliases[] = { * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in * ALL!) */ - {0, SSL_TXT_CMPDEF, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0}, + {0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0}, /* * key exchange aliases (some of those using only a single bit here |