* are currently broken and should be considered mission impossible in libssl.
*/
static const uint32_t default_ciphers_in_order[] = {
+#ifndef OPENSSL_NO_TLS1_3
+ TLS1_3_CK_AES_256_GCM_SHA384,
+# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+ TLS1_3_CK_CHACHA20_POLY1305_SHA256,
+# endif
+ TLS1_3_CK_AES_128_GCM_SHA256,
+#endif
#ifndef OPENSSL_NO_TLS1_2
# ifndef OPENSSL_NO_EC
TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
#endif
-#ifndef OPENSSL_NO_TLS1_3
- TLS1_3_CK_AES_256_GCM_SHA384,
-# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
- TLS1_3_CK_CHACHA20_POLY1305_SHA256,
-# endif
- TLS1_3_CK_AES_128_GCM_SHA256,
-#endif
#ifndef OPENSSL_NO_TLS1_2
TLS1_CK_RSA_WITH_AES_256_SHA256,
TLS1_CK_RSA_WITH_AES_128_SHA256,
projects / openssl.git / blobdiff