SSL_aRSA,
SSL_eNULL,
SSL_MD5,
- SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aRSA,
SSL_eNULL,
SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
},
/* Cipher 04 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
1,
SSL3_TXT_RSA_RC4_128_MD5,
SSL_aRSA,
SSL_RC4,
SSL_MD5,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aRSA,
SSL_RC4,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
+#endif
/* Cipher 07 */
#ifndef OPENSSL_NO_IDEA
SSL_aRSA,
SSL_IDEA,
SSL_SHA1,
- SSL_SSLV3,
- SSL_MEDIUM,
+ SSL3_VERSION, TLS1_1_VERSION,
+ DTLS1_VERSION, DTLS1_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aRSA,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aDSS,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_aRSA,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
},
/* Cipher 18 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
1,
SSL3_TXT_ADH_RC4_128_MD5,
SSL_aNULL,
SSL_RC4,
SSL_MD5,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
+#endif
/* Cipher 1B */
{
SSL_aNULL,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aPSK,
SSL_eNULL,
SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aPSK,
SSL_eNULL,
SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aRSA,
SSL_eNULL,
SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aRSA,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aDSS,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aRSA,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aNULL,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aRSA,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aDSS,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
SSL_aRSA,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aNULL,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aRSA,
SSL_eNULL,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aRSA,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aRSA,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aDSS,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH | SSL_FIPS,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aRSA,
SSL_CAMELLIA128,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aDSS,
SSL_CAMELLIA128,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aRSA,
SSL_CAMELLIA128,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aNULL,
SSL_CAMELLIA128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aRSA,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aDSS,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH | SSL_FIPS,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
SSL_aRSA,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aNULL,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aNULL,
SSL_AES256,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aGOST01,
SSL_eGOST2814789CNT,
SSL_GOST89MAC,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
256,
SSL_aGOST01,
SSL_eNULL,
SSL_GOST94,
- SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
0,
0
SSL_aRSA,
SSL_CAMELLIA256,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
SSL_aDSS,
SSL_CAMELLIA256,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
SSL_aRSA,
SSL_CAMELLIA256,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
SSL_aNULL,
SSL_CAMELLIA256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
#ifndef OPENSSL_NO_PSK
/* PSK ciphersuites from RFC 4279 */
/* Cipher 8A */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
1,
TLS1_TXT_PSK_WITH_RC4_128_SHA,
SSL_aPSK,
SSL_RC4,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
+#endif
/* Cipher 8B */
{
SSL_aPSK,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aPSK,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aPSK,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
},
/* Cipher 8E */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
1,
TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
SSL_aPSK,
SSL_RC4,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
+#endif
/* Cipher 8F */
{
SSL_aPSK,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aPSK,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aPSK,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
},
/* Cipher 92 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
1,
TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
SSL_aRSA,
SSL_RC4,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
+#endif
/* Cipher 93 */
{
SSL_aRSA,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aRSA,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aRSA,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aRSA,
SSL_SEED,
SSL_SHA1,
- SSL_SSLV3,
- SSL_MEDIUM,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aDSS,
SSL_SEED,
SSL_SHA1,
- SSL_SSLV3,
- SSL_MEDIUM,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aRSA,
SSL_SEED,
SSL_SHA1,
- SSL_SSLV3,
- SSL_MEDIUM,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aNULL,
SSL_SEED,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aRSA,
SSL_AES128GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aRSA,
SSL_AES256GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aRSA,
SSL_AES128GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aRSA,
SSL_AES256GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aDSS,
SSL_AES128GCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH | SSL_FIPS,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aDSS,
SSL_AES256GCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH | SSL_FIPS,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
256,
SSL_aNULL,
SSL_AES128GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aNULL,
SSL_AES256GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aPSK,
SSL_AES128GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aPSK,
SSL_AES256GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aPSK,
SSL_AES128GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aPSK,
SSL_AES256GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aRSA,
SSL_AES128GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aRSA,
SSL_AES256GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aPSK,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aPSK,
SSL_AES256,
SSL_SHA384,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aPSK,
SSL_eNULL,
SSL_SHA256,
- SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aPSK,
SSL_eNULL,
SSL_SHA384,
- SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
0,
0,
SSL_aPSK,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aPSK,
SSL_AES256,
SSL_SHA384,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aPSK,
SSL_eNULL,
SSL_SHA256,
- SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aPSK,
SSL_eNULL,
SSL_SHA384,
- SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
0,
0,
SSL_aRSA,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aRSA,
SSL_AES256,
SSL_SHA384,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aRSA,
SSL_eNULL,
SSL_SHA256,
- SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aRSA,
SSL_eNULL,
SSL_SHA384,
- SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
0,
0,
SSL_aRSA,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aDSS,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aRSA,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aNULL,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aRSA,
SSL_CAMELLIA256,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aDSS,
SSL_CAMELLIA256,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aRSA,
SSL_CAMELLIA256,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aNULL,
SSL_CAMELLIA256,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
},
#endif
-#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
- /* Cipher FF */
- {
- 1,
- "SCSV",
- SSL3_CK_SCSV,
- 0,
- 0,
- 0,
- 0,
- 0,
- 0,
- 0,
- 0,
- 0},
-#endif
-
#ifndef OPENSSL_NO_EC
/* Cipher C006 */
SSL_aECDSA,
SSL_eNULL,
SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
},
/* Cipher C007 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
1,
TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
SSL_aECDSA,
SSL_RC4,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
+#endif
/* Cipher C008 */
{
SSL_aECDSA,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aECDSA,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aECDSA,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aRSA,
SSL_eNULL,
SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
},
/* Cipher C011 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
1,
TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
SSL_aRSA,
SSL_RC4,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
+#endif
/* Cipher C012 */
{
SSL_aRSA,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aRSA,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aRSA,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aNULL,
SSL_eNULL,
SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
},
/* Cipher C016 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
1,
TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
SSL_aNULL,
SSL_RC4,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
+#endif
/* Cipher C017 */
{
SSL_aNULL,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aNULL,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aNULL,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aSRP,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aRSA,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aDSS,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
SSL_aSRP,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aRSA,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aDSS,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
SSL_aSRP,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aRSA,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aDSS,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
- SSL_HIGH,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
SSL_aECDSA,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aECDSA,
SSL_AES256,
SSL_SHA384,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aRSA,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aRSA,
SSL_AES256,
SSL_SHA384,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aECDSA,
SSL_AES128GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aECDSA,
SSL_AES256GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aRSA,
SSL_AES128GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
SSL_aRSA,
SSL_AES256GCM,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
/* PSK ciphersuites from RFC 5489 */
/* Cipher C033 */
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
1,
TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
SSL_aPSK,
SSL_RC4,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
+#endif
/* Cipher C034 */
{
SSL_aPSK,
SSL_3DES,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
SSL_aPSK,
SSL_AES128,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aPSK,
SSL_AES256,
SSL_SHA1,
- SSL_SSLV3,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
SSL_aPSK,
SSL_AES128,
SSL_SHA256,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
SSL_aPSK,
SSL_AES256,
SSL_SHA384,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
SSL_aPSK,
SSL_eNULL,
SSL_SHA1,
- SSL_SSLV3,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ SSL3_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aPSK,
SSL_eNULL,
SSL_SHA256,
- SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
SSL_aPSK,
SSL_eNULL,
SSL_SHA384,
- SSL_TLSV1,
- SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
0,
0,
SSL_aECDSA,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128},
SSL_aECDSA,
SSL_CAMELLIA256,
SSL_SHA384,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
256},
SSL_aRSA,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128},
SSL_aRSA,
SSL_CAMELLIA256,
SSL_SHA384,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
256},
SSL_aPSK,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1,
- SSL_HIGH,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128},
SSL_aPSK,
SSL_CAMELLIA256,
SSL_SHA384,
- SSL_TLSV1,
- SSL_HIGH,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
256},
SSL_aPSK,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1,
- SSL_HIGH,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128},
SSL_aPSK,
SSL_CAMELLIA256,
SSL_SHA384,
- SSL_TLSV1,
- SSL_HIGH,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
256},
SSL_aRSA,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1,
- SSL_HIGH,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128},
SSL_aRSA,
SSL_CAMELLIA256,
SSL_SHA384,
- SSL_TLSV1,
- SSL_HIGH,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
256},
SSL_aPSK,
SSL_CAMELLIA128,
SSL_SHA256,
- SSL_TLSV1,
- SSL_HIGH,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128},
SSL_aPSK,
SSL_CAMELLIA256,
SSL_SHA384,
- SSL_TLSV1,
- SSL_HIGH,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
256},
SSL_aRSA,
SSL_AES128CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aRSA,
SSL_AES256CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aRSA,
SSL_AES128CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aRSA,
SSL_AES256CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aRSA,
SSL_AES128CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aRSA,
SSL_AES256CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aRSA,
SSL_AES128CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aRSA,
SSL_AES256CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aPSK,
SSL_AES128CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aPSK,
SSL_AES256CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aPSK,
SSL_AES128CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aPSK,
SSL_AES256CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aPSK,
SSL_AES128CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aPSK,
SSL_AES256CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aPSK,
SSL_AES128CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aPSK,
SSL_AES256CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aECDSA,
SSL_AES128CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aECDSA,
SSL_AES256CCM,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
SSL_aECDSA,
SSL_AES128CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
SSL_aECDSA,
SSL_AES256CCM8,
SSL_AEAD,
- SSL_TLSV1_2,
- SSL_HIGH,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
},
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
# ifndef OPENSSL_NO_EC
- /* Cipher CCA8 as per draft-ietf-tls-chacha20-poly1305-03 */
+ /* Cipher CCA8 */
{
1,
TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
SSL_aRSA,
SSL_CHACHA20POLY1305,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
SSL_aECDSA,
SSL_CHACHA20POLY1305,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
SSL_aRSA,
SSL_CHACHA20POLY1305,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
SSL_aPSK,
SSL_CHACHA20POLY1305,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
SSL_aPSK,
SSL_CHACHA20POLY1305,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
SSL_aPSK,
SSL_CHACHA20POLY1305,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
SSL_aRSA,
SSL_CHACHA20POLY1305,
SSL_AEAD,
- SSL_TLSV1_2,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
SSL_aGOST12 | SSL_aGOST01,
SSL_eGOST2814789CNT12,
SSL_GOST89MAC12,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_HIGH,
SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
256,
SSL_aGOST12 | SSL_aGOST01,
SSL_eNULL,
SSL_GOST12_256,
- SSL_TLSV1,
+ TLS1_VERSION, TLS1_2_VERSION,
+ DTLS1_VERSION, DTLS1_2_VERSION,
SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
0,
OPENSSL_free(s->s3->tmp.peer_sigalgs);
ssl3_free_digest_list(s);
OPENSSL_free(s->s3->alpn_selected);
+ OPENSSL_free(s->s3->alpn_proposed);
#ifndef OPENSSL_NO_SRP
SSL_SRP_CTX_free(s);
ssl3_cleanup_key_block(s);
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
OPENSSL_free(s->s3->tmp.ciphers_raw);
- s->s3->tmp.ciphers_raw = NULL;
OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
- s->s3->tmp.pms = NULL;
OPENSSL_free(s->s3->tmp.peer_sigalgs);
- s->s3->tmp.peer_sigalgs = NULL;
-#ifndef OPENSSL_NO_EC
- s->s3->is_probably_safari = 0;
-#endif
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
EVP_PKEY_free(s->s3->tmp.pkey);
- s->s3->tmp.pkey = NULL;
EVP_PKEY_free(s->s3->peer_tmp);
- s->s3->peer_tmp = NULL;
#endif /* !OPENSSL_NO_EC */
ssl3_free_digest_list(s);
- if (s->s3->alpn_selected) {
- OPENSSL_free(s->s3->alpn_selected);
- s->s3->alpn_selected = NULL;
- }
+ OPENSSL_free(s->s3->alpn_selected);
+ OPENSSL_free(s->s3->alpn_proposed);
+ /* NULL/zero-out everything in the s3 struct */
memset(s->s3, 0, sizeof(*s->s3));
ssl_free_wbio_buffer(s);
- s->s3->renegotiate = 0;
- s->s3->total_renegotiations = 0;
- s->s3->num_renegotiations = 0;
- s->s3->in_read_app_data = 0;
s->version = SSL3_VERSION;
#if !defined(OPENSSL_NO_NEXTPROTONEG)
id = 0x03000000 | ((uint32_t)p[0] << 8L) | (uint32_t)p[1];
c.id = id;
cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
-#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
- if (cp == NULL)
- fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
-#endif
return cp;
}
return (2);
}
+/*
+ * ssl3_choose_cipher - choose a cipher from those offered by the client
+ * @s: SSL connection
+ * @clnt: ciphers offered by the client
+ * @srvr: ciphers enabled on the server?
+ *
+ * Returns the selected cipher or NULL when no common ciphers.
+ */
const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
STACK_OF(SSL_CIPHER) *srvr)
{
}
tls1_set_cert_validity(s);
+ ssl_set_masks(s);
for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
c = sk_SSL_CIPHER_value(prio, i);
- /* Skip TLS v1.2 only ciphersuites if not supported */
- if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s))
+ /* Skip ciphers not supported by the protocol version */
+ if (!SSL_IS_DTLS(s) &&
+ ((s->version < c->min_tls) || (s->version > c->max_tls)))
continue;
- /* Skip TLS v1.0 ciphersuites if SSLv3 */
- if ((c->algorithm_ssl & SSL_TLSV1) && s->version == SSL3_VERSION)
+ if (SSL_IS_DTLS(s) &&
+ (DTLS_VERSION_LT(s->version, c->min_dtls) ||
+ DTLS_VERSION_GT(s->version, c->max_dtls)))
continue;
- ssl_set_masks(s, c);
mask_k = s->s3->tmp.mask_k;
mask_a = s->s3->tmp.mask_a;
#ifndef OPENSSL_NO_SRP
projects / openssl.git / blobdiff