Skip to content

Commit

Permalink
Allow "DHE" and "kDHE" as synonyms of "EDH" and "kEDH" when specifiyi…
Browse files Browse the repository at this point in the history 
…ng ciphers

The standard terminology in https://tools.ietf.org/html/rfc5426 is
"DHE".  "openssl ciphers" outputs "DHE" (for the most part).  But
users of the library currently cannot specify "DHE", they must
currently specify "EDH".

This change allows users to specify the common term in cipher suite
strings without breaking backward compatibility.
  • Loading branch information
@dkg @snhenson
dkg authored and snhenson committed Jan 9, 2014
1 parent 4082fea commit 7988163
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 2 deletions.
6 changes: 4 additions & 2 deletions ssl/ssl.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -244,7 +244,8 @@ extern "C" {
#define SSL_TXT_kDHr "kDHr"
#define SSL_TXT_kDHd "kDHd"
#define SSL_TXT_kDH "kDH"
#define SSL_TXT_kEDH "kEDH"
#define SSL_TXT_kEDH "kEDH" /* alias for kDHE */
#define SSL_TXT_kDHE "kDHE"
#define SSL_TXT_kKRB5 "kKRB5"
#define SSL_TXT_kECDHr "kECDHr"
#define SSL_TXT_kECDHe "kECDHe"
Expand All @@ -268,7 +269,8 @@ extern "C" {

#define SSL_TXT_DSS "DSS"
#define SSL_TXT_DH "DH"
#define SSL_TXT_EDH "EDH" /* same as "kEDH:-ADH" */
#define SSL_TXT_DHE "DHE" /* same as "kDHE:-ADH" */
#define SSL_TXT_EDH "EDH" /* alias for DHE */
#define SSL_TXT_ADH "ADH"
#define SSL_TXT_RSA "RSA"
#define SSL_TXT_ECDH "ECDH"
Expand Down
2 changes: 2 additions & 0 deletions ssl/ssl_ciph.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,7 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_kDHd,0, SSL_kDHd, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_kDH,0, SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0},
{0,SSL_TXT_kEDH,0, SSL_kEDH, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_kDHE,0, SSL_kEDH, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_DH,0, SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},

{0,SSL_TXT_kKRB5,0, SSL_kKRB5, 0,0,0,0,0,0,0,0},
Expand Down Expand Up @@ -274,6 +275,7 @@ static const SSL_CIPHER cipher_aliases[]={

/* aliases combining key exchange and server authentication */
{0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_DHE,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_EECDH,0, SSL_kECDHE,~SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_ECDHE,0, SSL_kECDHE,~SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_NULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0},
Expand Down

0 comments on commit 7988163

Please sign in to comment.