Make GOST ciphersuites require TLSv1
authorDr. Stephen Henson <steve@openssl.org>
Wed, 18 Nov 2015 15:54:31 +0000 (15:54 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 19 Nov 2015 14:35:39 +0000 (14:35 +0000)
PR#4141

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
ssl/s3_lib.c

index 95cc56a..d5e593a 100644 (file)
@@ -1153,7 +1153,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
      SSL_aGOST01,
      SSL_eGOST2814789CNT,
      SSL_GOST89MAC,
-     SSL_SSLV3,
+     SSL_TLSV1,
      SSL_NOT_EXP | SSL_HIGH,
      SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
      256,
@@ -1167,7 +1167,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
      SSL_aGOST01,
      SSL_eNULL,
      SSL_GOST94,
-     SSL_SSLV3,
+     SSL_TLSV1,
      SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_STRONG_NONE,
      SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
      0,