apps/s_cb.c: recognized latest TLS version.

[openssl.git] / ssl / ssl_ciph.c

diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 29d8f2849d1380fce8f4a2376f25cea3fcc692f0..c12a7a22d2b194fbd64bcab73716bdbb2deb7566 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -238,9 +238,9 @@ static const SSL_CIPHER cipher_aliases[]={
         * e.g. kEDH combines DHE_DSS and DHE_RSA) */
        {0,SSL_TXT_kRSA,0,    SSL_kRSA,  0,0,0,0,0,0,0,0},
 
-       {0,SSL_TXT_kDHr,0,    SSL_kDHr,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
-       {0,SSL_TXT_kDHd,0,    SSL_kDHd,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
-       {0,SSL_TXT_kDH,0,     SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
+       {0,SSL_TXT_kDHr,0,    SSL_kDHr,  0,0,0,0,0,0,0,0},
+       {0,SSL_TXT_kDHd,0,    SSL_kDHd,  0,0,0,0,0,0,0,0},
+       {0,SSL_TXT_kDH,0,     SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0},
        {0,SSL_TXT_kEDH,0,    SSL_kEDH,  0,0,0,0,0,0,0,0},
        {0,SSL_TXT_DH,0,      SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
 
@@ -470,6 +470,7 @@ static void load_builtin_compressions(void)
                                                sk_SSL_COMP_push(ssl_comp_methods,comp);
                                                }
                                        }
+                                       sk_SSL_COMP_sort(ssl_comp_methods);
                                }
                        MemCheck_on();
                        }
@@ -700,8 +701,6 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
 #ifdef OPENSSL_NO_DSA
        *auth |= SSL_aDSS;
 #endif
-       *mkey |= SSL_kDHr|SSL_kDHd; /* no such ciphersuites supported! */
-       *auth |= SSL_aDH;
 #ifdef OPENSSL_NO_DH
        *mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
        *auth |= SSL_aDH;
@@ -749,6 +748,8 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
        *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
        *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128:0;
        *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256:0;
+       *enc |= (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == NULL) ? SSL_AES128GCM:0;
+       *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM:0;
        *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128:0;
        *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256:0;
        *enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT:0;