IDEA is not supported in TLS 1.2
authorKurt Roeckx <kurt@roeckx.be>
Sun, 7 Feb 2016 19:20:01 +0000 (20:20 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Wed, 9 Mar 2016 18:10:28 +0000 (19:10 +0100)
This currently seems to be the only cipher we still support that should get
disabled.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595

ssl/s3_lib.c

index 093ff09..c779ea7 100644 (file)
@@ -242,8 +242,8 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      SSL_aRSA,
      SSL_IDEA,
      SSL_SHA1,
-     SSL3_VERSION, TLS1_2_VERSION,
-     DTLS1_VERSION, DTLS1_2_VERSION,
+     SSL3_VERSION, TLS1_1_VERSION,
+     DTLS1_VERSION, DTLS1_VERSION,
      SSL_NOT_DEFAULT | SSL_MEDIUM,
      SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
      128,