From d7a474264b4bc9c8ae87c897fe4c5803f97b5f8d Mon Sep 17 00:00:00 2001
From: Kurt Roeckx <kurt@roeckx.be>
Date: Sun, 7 Feb 2016 20:20:01 +0100
Subject: [PATCH 1/1] IDEA is not supported in TLS 1.2

This currently seems to be the only cipher we still support that should get
disabled.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

MR: #1595
---
 ssl/s3_lib.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 093ff09e8f..c779ea76c3 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -242,8 +242,8 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      SSL_aRSA,
      SSL_IDEA,
      SSL_SHA1,
-     SSL3_VERSION, TLS1_2_VERSION,
-     DTLS1_VERSION, DTLS1_2_VERSION,
+     SSL3_VERSION, TLS1_1_VERSION,
+     DTLS1_VERSION, DTLS1_VERSION,
      SSL_NOT_DEFAULT | SSL_MEDIUM,
      SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
      128,
-- 
2.34.1