diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-01-31 22:34:44 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-01-31 22:34:44 +0100 |
commit | 924759937369d812f8dd818c6ade225dac7cf416 (patch) | |
tree | 725d23ca12ced20f2fbcfe793038ad4fc5cca88f | |
parent | edd0031ae476b881c4687fc4719bfda80c8e786c (diff) | |
download | gnutls-924759937369d812f8dd818c6ade225dac7cf416.tar.gz |
reduced the TLS version requirements for all ciphersuites that are not GCM.
-rw-r--r-- | lib/algorithms/ciphersuites.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c index f586597410..dc8e76c87b 100644 --- a/lib/algorithms/ciphersuites.c +++ b/lib/algorithms/ciphersuites.c @@ -231,7 +231,7 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_RSA_NULL_SHA256, GNUTLS_CIPHER_NULL, - GNUTLS_KX_RSA, GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_KX_RSA, GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), /* RSA */ @@ -265,11 +265,11 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_RSA_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_RSA_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), /* GCM */ ENTRY (GNUTLS_RSA_AES_128_GCM_SHA256, @@ -307,11 +307,11 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), /* DHE_RSA */ ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1, @@ -338,11 +338,11 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_DHE_RSA_AES_128_GCM_SHA256, GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_RSA, @@ -392,11 +392,11 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256, GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ECDHE_ECDSA, @@ -416,7 +416,7 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_VERSION_MAX, 1, GNUTLS_DIG_SHA384), ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA, - GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA384, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1, GNUTLS_DIG_SHA384), #endif #ifdef ENABLE_PSK @@ -549,11 +549,11 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_DH_ANON_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_DH_ANON_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_MAC_SHA256, GNUTLS_TLS1, GNUTLS_VERSION_MAX, 1), ENTRY (GNUTLS_DH_ANON_AES_128_GCM_SHA256, GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ANON_DH, |