Replace L suffix with U

Reviewed-by: Andy Polyakov <appro@openssl.org>

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index dbef25530dd9b5a734956c68ae486eaef632d871..28322eb55d4d6e976b7a6aff23ff7a708d9dd37b 100644 (file)
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -357,17 +357,17 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
                                     size_t inlen, int *al, void *parse_arg);
 
 /* Allow initial connection to servers that don't support RI */
                                     size_t inlen, int *al, void *parse_arg);
 
 /* Allow initial connection to servers that don't support RI */

-# define SSL_OP_LEGACY_SERVER_CONNECT                    0x00000004L
+# define SSL_OP_LEGACY_SERVER_CONNECT                    0x00000004U

 /* Removed from OpenSSL 0.9.8q and 1.0.0c */
 /* Dead forever, see CVE-2010-4180. */
 /* Removed from OpenSSL 0.9.8q and 1.0.0c */
 /* Dead forever, see CVE-2010-4180. */

-# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         0x0L
-# define SSL_OP_TLSEXT_PADDING                           0x00000010L
-# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x00000020L
-# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG                   0x00000040L
-# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 0x00000080L
-# define SSL_OP_TLS_D5_BUG                               0x00000100L
+# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         0x0U
+# define SSL_OP_TLSEXT_PADDING                           0x00000010U
+# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x00000020U
+# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG                   0x00000040U
+# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 0x00000080U
+# define SSL_OP_TLS_D5_BUG                               0x00000100U

 /* Removed from OpenSSL 1.1.0 */
 /* Removed from OpenSSL 1.1.0 */

-# define SSL_OP_TLS_BLOCK_PADDING_BUG                    0x0L
+# define SSL_OP_TLS_BLOCK_PADDING_BUG                    0x0U

 
 /* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
 # define SSL_OP_MSIE_SSLV2_RSA_PADDING                   0x0
 
 /* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
 # define SSL_OP_MSIE_SSLV2_RSA_PADDING                   0x0


@@ -385,55 +385,55 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
  * SSL_OP_ALL.
  */
 /* added in 0.9.6e */
  * SSL_OP_ALL.
  */
 /* added in 0.9.6e */

-# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800L
+# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800U

 
 /*
  * SSL_OP_ALL: various bug workarounds that should be rather harmless.  This
  * used to be 0x000FFFFFL before 0.9.7.
  */
 
 /*
  * SSL_OP_ALL: various bug workarounds that should be rather harmless.  This
  * used to be 0x000FFFFFL before 0.9.7.
  */

-# define SSL_OP_ALL                                      0x80000BFFL
+# define SSL_OP_ALL                                      0x80000BFFU

 
 /* DTLS options */
 
 /* DTLS options */

-# define SSL_OP_NO_QUERY_MTU                 0x00001000L
+# define SSL_OP_NO_QUERY_MTU                 0x00001000U

 /* Turn on Cookie Exchange (on relevant for servers) */
 /* Turn on Cookie Exchange (on relevant for servers) */

-# define SSL_OP_COOKIE_EXCHANGE              0x00002000L
+# define SSL_OP_COOKIE_EXCHANGE              0x00002000U

 /* Don't use RFC4507 ticket extension */
 /* Don't use RFC4507 ticket extension */

-# define SSL_OP_NO_TICKET                    0x00004000L
+# define SSL_OP_NO_TICKET                    0x00004000U

 /* Use Cisco's "speshul" version of DTLS_BAD_VER (as client)  */
 /* Use Cisco's "speshul" version of DTLS_BAD_VER (as client)  */

-# define SSL_OP_CISCO_ANYCONNECT             0x00008000L
+# define SSL_OP_CISCO_ANYCONNECT             0x00008000U

 
 /* As server, disallow session resumption on renegotiation */
 
 /* As server, disallow session resumption on renegotiation */

-# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   0x00010000L
+# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   0x00010000U

 /* Don't use compression even if supported */
 /* Don't use compression even if supported */

-# define SSL_OP_NO_COMPRESSION                           0x00020000L
+# define SSL_OP_NO_COMPRESSION                           0x00020000U

 /* Permit unsafe legacy renegotiation */
 /* Permit unsafe legacy renegotiation */

-# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        0x00040000L
+# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        0x00040000U

 /* If set, always create a new key when using tmp_ecdh parameters */
 /* If set, always create a new key when using tmp_ecdh parameters */

-# define SSL_OP_SINGLE_ECDH_USE                          0x00080000L
+# define SSL_OP_SINGLE_ECDH_USE                          0x00080000U

 /* If set, always create a new key when using tmp_dh parameters */
 /* If set, always create a new key when using tmp_dh parameters */

-# define SSL_OP_SINGLE_DH_USE                            0x00100000L
+# define SSL_OP_SINGLE_DH_USE                            0x00100000U

 /* Does nothing: retained for compatibiity */
 # define SSL_OP_EPHEMERAL_RSA                            0x0
 /*
  * Set on servers to choose the cipher according to the server's preferences
  */
 /* Does nothing: retained for compatibiity */
 # define SSL_OP_EPHEMERAL_RSA                            0x0
 /*
  * Set on servers to choose the cipher according to the server's preferences
  */

-# define SSL_OP_CIPHER_SERVER_PREFERENCE                 0x00400000L
+# define SSL_OP_CIPHER_SERVER_PREFERENCE                 0x00400000U

 /*
  * If set, a server will allow a client to issue a SSLv3.0 version number as
  * latest version supported in the premaster secret, even when TLSv1.0
  * (version 3.1) was announced in the client hello. Normally this is
  * forbidden to prevent version rollback attacks.
  */
 /*
  * If set, a server will allow a client to issue a SSLv3.0 version number as
  * latest version supported in the premaster secret, even when TLSv1.0
  * (version 3.1) was announced in the client hello. Normally this is
  * forbidden to prevent version rollback attacks.
  */

-# define SSL_OP_TLS_ROLLBACK_BUG                         0x00800000L
+# define SSL_OP_TLS_ROLLBACK_BUG                         0x00800000U

 
 

-# define SSL_OP_NO_SSLv2                                 0x00000000L
-# define SSL_OP_NO_SSLv3                                 0x02000000L
-# define SSL_OP_NO_TLSv1                                 0x04000000L
-# define SSL_OP_NO_TLSv1_2                               0x08000000L
-# define SSL_OP_NO_TLSv1_1                               0x10000000L
+# define SSL_OP_NO_SSLv2                                 0x00000000U
+# define SSL_OP_NO_SSLv3                                 0x02000000U
+# define SSL_OP_NO_TLSv1                                 0x04000000U
+# define SSL_OP_NO_TLSv1_2                               0x08000000U
+# define SSL_OP_NO_TLSv1_1                               0x10000000U

 
 

-# define SSL_OP_NO_DTLSv1                                0x04000000L
-# define SSL_OP_NO_DTLSv1_2                              0x08000000L
+# define SSL_OP_NO_DTLSv1                                0x04000000U
+# define SSL_OP_NO_DTLSv1_2                              0x08000000U

 
 # define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
         SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)
 
 # define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
         SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)


@@ -442,45 +442,45 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
 # define SSL_OP_PKCS1_CHECK_1                            0x0
 # define SSL_OP_PKCS1_CHECK_2                            0x0
 # define SSL_OP_NETSCAPE_CA_DN_BUG                       0x0
 # define SSL_OP_PKCS1_CHECK_1                            0x0
 # define SSL_OP_PKCS1_CHECK_2                            0x0
 # define SSL_OP_NETSCAPE_CA_DN_BUG                       0x0

-# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG          0x0L
+# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG          0x0U

 /*
  * Make server add server-hello extension from early version of cryptopro
  * draft, when GOST ciphersuite is negotiated. Required for interoperability
  * with CryptoPro CSP 3.x
  */
 /*
  * Make server add server-hello extension from early version of cryptopro
  * draft, when GOST ciphersuite is negotiated. Required for interoperability
  * with CryptoPro CSP 3.x
  */

-# define SSL_OP_CRYPTOPRO_TLSEXT_BUG                     0x80000000L
+# define SSL_OP_CRYPTOPRO_TLSEXT_BUG                     0x80000000U

 
 /*
  * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
  * when just a single record has been written):
  */
 
 /*
  * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
  * when just a single record has been written):
  */

-# define SSL_MODE_ENABLE_PARTIAL_WRITE       0x00000001L
+# define SSL_MODE_ENABLE_PARTIAL_WRITE       0x00000001U

 /*
  * Make it possible to retry SSL_write() with changed buffer location (buffer
  * contents must stay the same!); this is not the default to avoid the
  * misconception that non-blocking SSL_write() behaves like non-blocking
  * write():
  */
 /*
  * Make it possible to retry SSL_write() with changed buffer location (buffer
  * contents must stay the same!); this is not the default to avoid the
  * misconception that non-blocking SSL_write() behaves like non-blocking
  * write():
  */

-# define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
+# define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002U

 /*
  * Never bother the application with retries if the transport is blocking:
  */
 /*
  * Never bother the application with retries if the transport is blocking:
  */

-# define SSL_MODE_AUTO_RETRY 0x00000004L
+# define SSL_MODE_AUTO_RETRY 0x00000004U

 /* Don't attempt to automatically build certificate chain */
 /* Don't attempt to automatically build certificate chain */

-# define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
+# define SSL_MODE_NO_AUTO_CHAIN 0x00000008U

 /*
  * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
  * TLS only.) "Released" buffers are put onto a free-list in the context or
  * just freed (depending on the context's setting for freelist_max_len).
  */
 /*
  * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
  * TLS only.) "Released" buffers are put onto a free-list in the context or
  * just freed (depending on the context's setting for freelist_max_len).
  */

-# define SSL_MODE_RELEASE_BUFFERS 0x00000010L
+# define SSL_MODE_RELEASE_BUFFERS 0x00000010U

 /*
  * Send the current time in the Random fields of the ClientHello and
  * ServerHello records for compatibility with hypothetical implementations
  * that require it.
  */
 /*
  * Send the current time in the Random fields of the ClientHello and
  * ServerHello records for compatibility with hypothetical implementations
  * that require it.
  */

-# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
-# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
+# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020U
+# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040U

 /*
  * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
  * that reconnect with a downgraded protocol version; see
 /*
  * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
  * that reconnect with a downgraded protocol version; see


@@ -489,14 +489,14 @@ typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
  * fallback retries, following the guidance in
  * draft-ietf-tls-downgrade-scsv-00.
  */
  * fallback retries, following the guidance in
  * draft-ietf-tls-downgrade-scsv-00.
  */

-# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L
+# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080U

 
 /* Cert related flags */
 /*
  * Many implementations ignore some aspects of the TLS standards such as
  * enforcing certifcate chain algorithms. When this is set we enforce them.
  */
 
 /* Cert related flags */
 /*
  * Many implementations ignore some aspects of the TLS standards such as
  * enforcing certifcate chain algorithms. When this is set we enforce them.
  */

-# define SSL_CERT_FLAG_TLS_STRICT                0x00000001L
+# define SSL_CERT_FLAG_TLS_STRICT                0x00000001U

 
 /* Suite B modes, takes same values as certificate verify flags */
 # define SSL_CERT_FLAG_SUITEB_128_LOS_ONLY       0x10000
 
 /* Suite B modes, takes same values as certificate verify flags */
 # define SSL_CERT_FLAG_SUITEB_128_LOS_ONLY       0x10000

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 74fdec683f1b0a81dbc4f00b10a5a31a210fa69a..e174def656a2c938d83dfcfe8d35b66923594021 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -293,33 +293,33 @@
 
 /* Bits for algorithm_mkey (key exchange algorithm) */
 /* RSA key exchange */
 
 /* Bits for algorithm_mkey (key exchange algorithm) */
 /* RSA key exchange */

-# define SSL_kRSA                0x00000001L
+# define SSL_kRSA                0x00000001U

 /* DH cert, RSA CA cert */
 /* DH cert, RSA CA cert */

-# define SSL_kDHr                0x00000002L
+# define SSL_kDHr                0x00000002U

 /* DH cert, DSA CA cert */
 /* DH cert, DSA CA cert */

-# define SSL_kDHd                0x00000004L
+# define SSL_kDHd                0x00000004U

 /* tmp DH key no DH cert */
 /* tmp DH key no DH cert */

-# define SSL_kDHE                0x00000008L
+# define SSL_kDHE                0x00000008U

 /* synonym */
 # define SSL_kEDH                SSL_kDHE
 /* ECDH cert, RSA CA cert */
 /* synonym */
 # define SSL_kEDH                SSL_kDHE
 /* ECDH cert, RSA CA cert */

-# define SSL_kECDHr              0x00000020L
+# define SSL_kECDHr              0x00000020U

 /* ECDH cert, ECDSA CA cert */
 /* ECDH cert, ECDSA CA cert */

-# define SSL_kECDHe              0x00000040L
+# define SSL_kECDHe              0x00000040U

 /* ephemeral ECDH */
 /* ephemeral ECDH */

-# define SSL_kECDHE              0x00000080L
+# define SSL_kECDHE              0x00000080U

 /* synonym */
 # define SSL_kEECDH              SSL_kECDHE
 /* PSK */
 /* synonym */
 # define SSL_kEECDH              SSL_kECDHE
 /* PSK */

-# define SSL_kPSK                0x00000100L
+# define SSL_kPSK                0x00000100U

 /* GOST key exchange */
 /* GOST key exchange */

-# define SSL_kGOST       0x00000200L
+# define SSL_kGOST       0x00000200U

 /* SRP */
 /* SRP */

-# define SSL_kSRP        0x00000400L
+# define SSL_kSRP        0x00000400U

 
 

-# define SSL_kRSAPSK             0x00000800L
-# define SSL_kECDHEPSK           0x00001000L
-# define SSL_kDHEPSK             0x00002000L
+# define SSL_kRSAPSK             0x00000800U
+# define SSL_kECDHEPSK           0x00001000U
+# define SSL_kDHEPSK             0x00002000U

 
 /* all PSK */
 
 
 /* all PSK */
 


@@ -327,62 +327,62 @@
 
 /* Bits for algorithm_auth (server authentication) */
 /* RSA auth */
 
 /* Bits for algorithm_auth (server authentication) */
 /* RSA auth */

-# define SSL_aRSA                0x00000001L
+# define SSL_aRSA                0x00000001U

 /* DSS auth */
 /* DSS auth */

-# define SSL_aDSS                0x00000002L
+# define SSL_aDSS                0x00000002U

 /* no auth (i.e. use ADH or AECDH) */
 /* no auth (i.e. use ADH or AECDH) */

-# define SSL_aNULL               0x00000004L
+# define SSL_aNULL               0x00000004U

 /* Fixed DH auth (kDHd or kDHr) */
 /* Fixed DH auth (kDHd or kDHr) */

-# define SSL_aDH                 0x00000008L
+# define SSL_aDH                 0x00000008U

 /* Fixed ECDH auth (kECDHe or kECDHr) */
 /* Fixed ECDH auth (kECDHe or kECDHr) */

-# define SSL_aECDH               0x00000010L
+# define SSL_aECDH               0x00000010U

 /* ECDSA auth*/
 /* ECDSA auth*/

-# define SSL_aECDSA              0x00000040L
+# define SSL_aECDSA              0x00000040U

 /* PSK auth */
 /* PSK auth */

-# define SSL_aPSK                0x00000080L
+# define SSL_aPSK                0x00000080U

 /* GOST R 34.10-2001 signature auth */
 /* GOST R 34.10-2001 signature auth */

-# define SSL_aGOST01                     0x00000200L
+# define SSL_aGOST01                     0x00000200U

 /* SRP auth */
 /* SRP auth */

-# define SSL_aSRP                0x00000400L
+# define SSL_aSRP                0x00000400U

 
 /* Bits for algorithm_enc (symmetric encryption) */
 
 /* Bits for algorithm_enc (symmetric encryption) */

-# define SSL_DES                 0x00000001L
-# define SSL_3DES                0x00000002L
-# define SSL_RC4                 0x00000004L
-# define SSL_RC2                 0x00000008L
-# define SSL_IDEA                0x00000010L
-# define SSL_eNULL               0x00000020L
-# define SSL_AES128              0x00000040L
-# define SSL_AES256              0x00000080L
-# define SSL_CAMELLIA128         0x00000100L
-# define SSL_CAMELLIA256         0x00000200L
-# define SSL_eGOST2814789CNT     0x00000400L
-# define SSL_SEED                0x00000800L
-# define SSL_AES128GCM           0x00001000L
-# define SSL_AES256GCM           0x00002000L
-# define SSL_AES128CCM           0x00004000L
-# define SSL_AES256CCM           0x00008000L
-# define SSL_AES128CCM8          0x00010000L
-# define SSL_AES256CCM8          0x00020000L
+# define SSL_DES                 0x00000001U
+# define SSL_3DES                0x00000002U
+# define SSL_RC4                 0x00000004U
+# define SSL_RC2                 0x00000008U
+# define SSL_IDEA                0x00000010U
+# define SSL_eNULL               0x00000020U
+# define SSL_AES128              0x00000040U
+# define SSL_AES256              0x00000080U
+# define SSL_CAMELLIA128         0x00000100U
+# define SSL_CAMELLIA256         0x00000200U
+# define SSL_eGOST2814789CNT     0x00000400U
+# define SSL_SEED                0x00000800U
+# define SSL_AES128GCM           0x00001000U
+# define SSL_AES256GCM           0x00002000U
+# define SSL_AES128CCM           0x00004000U
+# define SSL_AES256CCM           0x00008000U
+# define SSL_AES128CCM8          0x00010000U
+# define SSL_AES256CCM8          0x00020000U

 
 # define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8)
 # define SSL_CAMELLIA            (SSL_CAMELLIA128|SSL_CAMELLIA256)
 
 /* Bits for algorithm_mac (symmetric authentication) */
 
 
 # define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8)
 # define SSL_CAMELLIA            (SSL_CAMELLIA128|SSL_CAMELLIA256)
 
 /* Bits for algorithm_mac (symmetric authentication) */
 

-# define SSL_MD5                 0x00000001L
-# define SSL_SHA1                0x00000002L
-# define SSL_GOST94      0x00000004L
-# define SSL_GOST89MAC   0x00000008L
-# define SSL_SHA256              0x00000010L
-# define SSL_SHA384              0x00000020L
+# define SSL_MD5                 0x00000001U
+# define SSL_SHA1                0x00000002U
+# define SSL_GOST94      0x00000004U
+# define SSL_GOST89MAC   0x00000008U
+# define SSL_SHA256              0x00000010U
+# define SSL_SHA384              0x00000020U

 /* Not a real MAC, just an indication it is part of cipher */
 /* Not a real MAC, just an indication it is part of cipher */

-# define SSL_AEAD                0x00000040L
+# define SSL_AEAD                0x00000040U

 
 /* Bits for algorithm_ssl (protocol version) */
 
 /* Bits for algorithm_ssl (protocol version) */

-# define SSL_SSLV3               0x00000002L
+# define SSL_SSLV3               0x00000002U

 # define SSL_TLSV1               SSL_SSLV3/* for now */
 # define SSL_TLSV1               SSL_SSLV3/* for now */

-# define SSL_TLSV1_2             0x00000004L
+# define SSL_TLSV1_2             0x00000004U

 
 /* Bits for algorithm2 (handshake digests and other extra flags) */
 
 
 /* Bits for algorithm2 (handshake digests and other extra flags) */
 


@@ -428,24 +428,24 @@
  * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
  * be possible.
  */
  * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
  * be possible.
  */

-# define SSL_EXP_MASK            0x00000003L
-# define SSL_STRONG_MASK         0x000001fcL
-# define SSL_DEFAULT_MASK        0X00000200L
+# define SSL_EXP_MASK            0x00000003U
+# define SSL_STRONG_MASK         0x000001fcU
+# define SSL_DEFAULT_MASK        0X00000200U

 
 

-# define SSL_NOT_EXP             0x00000001L
-# define SSL_EXPORT              0x00000002L
+# define SSL_NOT_EXP             0x00000001U
+# define SSL_EXPORT              0x00000002U

 
 

-# define SSL_STRONG_NONE         0x00000004L
-# define SSL_EXP40               0x00000008L
+# define SSL_STRONG_NONE         0x00000004U
+# define SSL_EXP40               0x00000008U

 # define SSL_MICRO               (SSL_EXP40)
 # define SSL_MICRO               (SSL_EXP40)

-# define SSL_EXP56               0x00000010L
+# define SSL_EXP56               0x00000010U

 # define SSL_MINI                (SSL_EXP56)
 # define SSL_MINI                (SSL_EXP56)

-# define SSL_LOW                 0x00000020L
-# define SSL_MEDIUM              0x00000040L
-# define SSL_HIGH                0x00000080L
-# define SSL_FIPS                0x00000100L
+# define SSL_LOW                 0x00000020U
+# define SSL_MEDIUM              0x00000040U
+# define SSL_HIGH                0x00000080U
+# define SSL_FIPS                0x00000100U

 
 

-# define SSL_NOT_DEFAULT         0x00000200L
+# define SSL_NOT_DEFAULT         0x00000200U

 
 /* we have used 000003ff - 22 bits left to go */
 
 
 /* we have used 000003ff - 22 bits left to go */