IDEA is not supported in TLS 1.2

This currently seems to be the only cipher we still support that should get
disabled.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 093ff09e8f9fcc90d743130c089102a0cd112bec..c779ea76c312d197b5ff36a0f2e89a8844fda1bc 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -242,8 +242,8 @@ static const SSL_CIPHER ssl3_ciphers[] = {
      SSL_aRSA,
      SSL_IDEA,
      SSL_SHA1,
      SSL_aRSA,
      SSL_IDEA,
      SSL_SHA1,

-     SSL3_VERSION, TLS1_2_VERSION,
-     DTLS1_VERSION, DTLS1_2_VERSION,
+     SSL3_VERSION, TLS1_1_VERSION,
+     DTLS1_VERSION, DTLS1_VERSION,

      SSL_NOT_DEFAULT | SSL_MEDIUM,
      SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
      128,
      SSL_NOT_DEFAULT | SSL_MEDIUM,
      SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
      128,