From 3eb2aff40116ecceab847c895cbf02cdb075d194 Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sun, 7 Feb 2016 20:17:07 +0100 Subject: Add support for minimum and maximum protocol version supported by a cipher Reviewed-by: Viktor Dukhovni MR: #1595 --- ssl/s3_lib.c | 534 +++++++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 358 insertions(+), 176 deletions(-) (limited to 'ssl/s3_lib.c') diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 51fb161dd6..093ff09e8f 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -171,7 +171,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_eNULL, SSL_MD5, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -187,7 +188,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_eNULL, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -204,7 +206,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_RC4, SSL_MD5, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -220,7 +223,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_RC4, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -238,7 +242,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_IDEA, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -255,7 +260,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -271,7 +277,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -287,7 +294,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -304,7 +312,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_RC4, SSL_MD5, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -321,7 +330,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -337,7 +347,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_eNULL, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -352,7 +363,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_eNULL, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -367,7 +379,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_eNULL, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -385,7 +398,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -400,7 +414,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -415,7 +430,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -430,7 +446,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -446,7 +463,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -462,7 +480,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -478,7 +497,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -494,7 +514,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -511,7 +532,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_eNULL, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -527,7 +549,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -543,7 +566,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -559,7 +583,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_AES128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -578,7 +603,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -594,7 +620,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_CAMELLIA128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -610,7 +637,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -626,7 +654,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_CAMELLIA128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -644,7 +673,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -660,7 +690,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_AES256, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -676,7 +707,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -692,7 +724,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_AES128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -708,7 +741,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_AES256, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -725,7 +759,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aGOST01, SSL_eGOST2814789CNT, SSL_GOST89MAC, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 256, @@ -739,7 +774,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aGOST01, SSL_eNULL, SSL_GOST94, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE, SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 0, @@ -758,7 +794,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -774,7 +811,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_CAMELLIA256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -790,7 +828,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -806,7 +845,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_CAMELLIA256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -826,7 +866,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_RC4, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -843,7 +884,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -859,7 +901,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -875,7 +918,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -892,7 +936,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_RC4, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -909,7 +954,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -925,7 +971,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -941,7 +988,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -958,7 +1006,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_RC4, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -975,7 +1024,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -991,7 +1041,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1007,7 +1058,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -1027,7 +1079,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_SEED, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1043,7 +1096,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_SEED, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1059,7 +1113,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_SEED, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1075,7 +1130,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_SEED, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1095,7 +1151,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1111,7 +1168,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1127,7 +1185,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1143,7 +1202,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1159,7 +1219,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_AES128GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1175,7 +1236,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_AES256GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1191,7 +1253,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_AES128GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1207,7 +1270,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_AES256GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1225,7 +1289,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1241,7 +1306,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1257,7 +1323,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1273,7 +1340,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1289,7 +1357,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1305,7 +1374,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1321,7 +1391,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1337,7 +1408,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1353,7 +1425,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_eNULL, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -1369,7 +1442,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_eNULL, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 0, @@ -1385,7 +1459,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1401,7 +1476,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1417,7 +1493,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_eNULL, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -1433,7 +1510,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_eNULL, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 0, @@ -1449,7 +1527,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1465,7 +1544,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -1481,7 +1561,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_eNULL, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -1497,7 +1578,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_eNULL, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 0, @@ -1517,7 +1599,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1533,7 +1616,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1549,7 +1633,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1565,7 +1650,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -1581,7 +1667,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA256, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -1597,7 +1684,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_CAMELLIA256, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -1613,7 +1701,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA256, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -1629,7 +1718,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_CAMELLIA256, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -1648,7 +1738,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_eNULL, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -1665,7 +1756,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_RC4, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1682,7 +1774,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -1698,7 +1791,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1714,7 +1808,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -1730,7 +1825,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_eNULL, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -1747,7 +1843,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_RC4, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1764,7 +1861,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -1780,7 +1878,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1796,7 +1895,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -1812,7 +1912,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_eNULL, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -1829,7 +1930,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_RC4, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1846,7 +1948,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -1862,7 +1965,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1878,7 +1982,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aNULL, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -1896,7 +2001,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aSRP, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -1912,7 +2018,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -1928,7 +2035,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -1944,7 +2052,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aSRP, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1960,7 +2069,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1976,7 +2086,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -1992,7 +2103,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aSRP, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -2008,7 +2120,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -2024,7 +2137,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aDSS, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -2044,7 +2158,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2060,7 +2175,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES256, SSL_SHA384, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2077,7 +2193,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2093,7 +2210,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256, SSL_SHA384, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2111,7 +2229,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES128GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2127,7 +2246,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES256GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2143,7 +2263,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2159,7 +2280,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256GCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2177,7 +2299,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_RC4, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -2194,7 +2317,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_3DES, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 112, @@ -2210,7 +2334,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -2226,7 +2351,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 256, @@ -2242,7 +2368,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -2258,7 +2385,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2274,7 +2402,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_eNULL, SSL_SHA1, - SSL_SSLV3, + SSL3_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -2290,7 +2419,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_eNULL, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 0, @@ -2306,7 +2436,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_eNULL, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 0, @@ -2322,7 +2453,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2336,7 +2468,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_CAMELLIA256, SSL_SHA384, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2350,7 +2483,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2364,7 +2498,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA256, SSL_SHA384, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2382,7 +2517,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -2396,7 +2532,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_CAMELLIA256, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2410,7 +2547,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -2424,7 +2562,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_CAMELLIA256, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2438,7 +2577,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -2452,7 +2592,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CAMELLIA256, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2466,7 +2607,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_CAMELLIA128, SSL_SHA256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, @@ -2480,7 +2622,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_CAMELLIA256, SSL_SHA384, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 256, @@ -2496,7 +2639,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2512,7 +2656,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2528,7 +2673,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2544,7 +2690,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2560,7 +2707,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2576,7 +2724,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2592,7 +2741,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES128CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2608,7 +2758,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_AES256CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2624,7 +2775,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2640,7 +2792,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2656,7 +2809,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2672,7 +2826,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2688,7 +2843,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2704,7 +2860,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2720,7 +2877,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES128CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2736,7 +2894,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_AES256CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2752,7 +2911,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES128CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2768,7 +2928,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES256CCM, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2784,7 +2945,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES128CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 128, @@ -2800,7 +2962,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_AES256CCM8, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_NOT_DEFAULT | SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2817,7 +2980,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CHACHA20POLY1305, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2832,7 +2996,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aECDSA, SSL_CHACHA20POLY1305, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2849,7 +3014,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CHACHA20POLY1305, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2866,7 +3032,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_CHACHA20POLY1305, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2881,7 +3048,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_CHACHA20POLY1305, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2896,7 +3064,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aPSK, SSL_CHACHA20POLY1305, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2911,7 +3080,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_CHACHA20POLY1305, SSL_AEAD, - SSL_TLSV1_2, + TLS1_2_VERSION, TLS1_2_VERSION, + DTLS1_2_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 256, @@ -2928,7 +3098,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aGOST12 | SSL_aGOST01, SSL_eGOST2814789CNT12, SSL_GOST89MAC12, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_HIGH, SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, 256, @@ -2941,7 +3112,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aGOST12 | SSL_aGOST01, SSL_eNULL, SSL_GOST12_256, - SSL_TLSV1, + TLS1_VERSION, TLS1_2_VERSION, + DTLS1_VERSION, DTLS1_2_VERSION, SSL_STRONG_NONE, SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, 0, @@ -3749,6 +3921,14 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) return (2); } +/* + * ssl3_choose_cipher - choose a cipher from those offered by the client + * @s: SSL connection + * @clnt: ciphers offered by the client + * @srvr: ciphers enabled on the server? + * + * Returns the selected cipher or NULL when no common ciphers. + */ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, STACK_OF(SSL_CIPHER) *srvr) { @@ -3799,11 +3979,13 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { c = sk_SSL_CIPHER_value(prio, i); - /* Skip TLS v1.2 only ciphersuites if not supported */ - if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s)) + /* Skip ciphers not supported by the protocol version */ + if (!SSL_IS_DTLS(s) && + ((s->version < c->min_tls) || (s->version > c->max_tls))) continue; - /* Skip TLS v1.0 ciphersuites if SSLv3 */ - if ((c->algorithm_ssl & SSL_TLSV1) && s->version == SSL3_VERSION) + if (SSL_IS_DTLS(s) && + (DTLS_VERSION_LT(s->version, c->min_dtls) || + DTLS_VERSION_GT(s->version, c->max_dtls))) continue; mask_k = s->s3->tmp.mask_k; -- cgit v1.2.3