diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-05-29 21:20:07 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-05-29 21:22:24 +0200 |
commit | faa0cfe0aa9446a01f8b022a9e33ed31820a9895 (patch) | |
tree | 317a13354a2cead75b7ca56401eb88be7a50d84e | |
parent | a1bcb2ce2c78551210618dfb23001fc767c8d05c (diff) | |
download | gnutls-faa0cfe0aa9446a01f8b022a9e33ed31820a9895.tar.gz |
allow ciphersuites with elliptic curves even when using SSL 3.0.
This works around a bug on openssl in certain Debian systems.
-rw-r--r-- | lib/algorithms/ciphersuites.c | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c index 678812e6dc..bc35e58080 100644 --- a/lib/algorithms/ciphersuites.c +++ b/lib/algorithms/ciphersuites.c @@ -504,53 +504,53 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { /* ECC-ANON */ ENTRY (GNUTLS_ECDH_ANON_NULL_SHA1, GNUTLS_CIPHER_NULL, GNUTLS_KX_ANON_ECDH, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_ECDH, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDH_ANON_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_ECDH, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDH_ANON_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_ECDH, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), /* ECC-RSA */ ENTRY (GNUTLS_ECDHE_RSA_NULL_SHA1, GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), /* ECDHE-ECDSA */ ENTRY (GNUTLS_ECDHE_ECDSA_NULL_SHA1, GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_ECDSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_ECDSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), /* More ECC */ @@ -573,31 +573,31 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { /* ECC - PSK */ ENTRY (GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA256, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY_PRF (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK, - GNUTLS_MAC_SHA384, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA384, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1, GNUTLS_MAC_SHA384), ENTRY (GNUTLS_ECDHE_PSK_NULL_SHA256, GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA256, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1), ENTRY_PRF (GNUTLS_ECDHE_PSK_NULL_SHA384, GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK, - GNUTLS_MAC_SHA384, GNUTLS_TLS1_0, + GNUTLS_MAC_SHA384, GNUTLS_SSL3, GNUTLS_VERSION_MAX, 1, GNUTLS_MAC_SHA384), ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384, GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_ECDHE_ECDSA, |