Commit 7ba3a4c3 authored by Richard Levitte's avatar Richard Levitte

RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS.

PR: 189
parent 29e48c18
+3 −0
@@ -279,6 +279,9 @@ TODO: bug: pad x with leading zeros if necessary
 
 Changes between 0.9.6g and 0.9.7  [XX xxx 2002]

  *) Change the SSL kerb5 codes to match RFC 2712.
     [Richard Levitte]

  *) Make -nameopt work fully for req and add -reqopt switch.
     [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson]

+144 −30
@@ -538,6 +538,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
	SSL_ALL_STRENGTHS,
	},

#if 0
/* Cipher 1E */
	{
	0,
@@ -551,55 +552,70 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},
#endif

#ifndef OPENSSL_NO_KRB5
/* The Kerberos ciphers
** 20000107 VRS: And the first shall be last,
** in hopes of avoiding the lynx ssl renegotiation problem.
*/
/* Cipher 21 VRS */
/* Cipher 1E VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_40_CBC_SHA,
	SSL3_CK_KRB5_DES_40_CBC_SHA,
	SSL3_TXT_KRB5_DES_64_CBC_SHA,
	SSL3_CK_KRB5_DES_64_CBC_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	SSL_NOT_EXP|SSL_LOW,
	0,
	40,
	56,
	56,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 22 VRS */
/* Cipher 1F VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_40_CBC_MD5,
	SSL3_CK_KRB5_DES_40_CBC_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
	SSL3_CK_KRB5_DES_192_CBC3_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
	0,
	40,
	56,
	112,
	168,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 23 VRS */
/* Cipher 20 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_64_CBC_SHA,
	SSL3_CK_KRB5_DES_64_CBC_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
	SSL_NOT_EXP|SSL_LOW,
	SSL3_TXT_KRB5_RC4_128_SHA,
	SSL3_CK_KRB5_RC4_128_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1  |SSL_SSLV3,
	SSL_NOT_EXP|SSL_MEDIUM,
	0,
	56,
	56,
	128,
	128,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 24 VRS */
/* Cipher 21 VRS */
	{
	1,
	SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
	SSL3_CK_KRB5_IDEA_128_CBC_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_SHA1  |SSL_SSLV3,
	SSL_NOT_EXP|SSL_MEDIUM,
	0,
	128,
	128,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 22 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_64_CBC_MD5,
@@ -613,12 +629,12 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
	SSL_ALL_STRENGTHS,
	},

/* Cipher 25 VRS */
/* Cipher 23 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
	SSL3_CK_KRB5_DES_192_CBC3_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_SHA1  |SSL_SSLV3,
	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
	SSL3_CK_KRB5_DES_192_CBC3_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
	0,
	112,
@@ -627,16 +643,114 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
	SSL_ALL_STRENGTHS,
	},

/* Cipher 24 VRS */
	{
	1,
	SSL3_TXT_KRB5_RC4_128_MD5,
	SSL3_CK_KRB5_RC4_128_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5  |SSL_SSLV3,
	SSL_NOT_EXP|SSL_MEDIUM,
	0,
	128,
	128,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 25 VRS */
	{
	1,
	SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
	SSL3_CK_KRB5_IDEA_128_CBC_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_IDEA|SSL_MD5  |SSL_SSLV3,
	SSL_NOT_EXP|SSL_MEDIUM,
	0,
	128,
	128,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 26 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
	SSL3_CK_KRB5_DES_192_CBC3_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_3DES|SSL_MD5   |SSL_SSLV3,
	SSL_NOT_EXP|SSL_HIGH,
	SSL3_TXT_KRB5_DES_40_CBC_SHA,
	SSL3_CK_KRB5_DES_40_CBC_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_SHA1   |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	0,
	112,
	168,
	40,
	56,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 27 VRS */
	{
	1,
	SSL3_TXT_KRB5_RC2_40_CBC_SHA,
	SSL3_CK_KRB5_RC2_40_CBC_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_SHA1   |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	0,
	40,
	128,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 28 VRS */
	{
	1,
	SSL3_TXT_KRB5_RC4_40_CBC_SHA,
	SSL3_CK_KRB5_RC4_40_CBC_SHA,
	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_SHA1   |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	0,
	128,
	128,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 29 VRS */
	{
	1,
	SSL3_TXT_KRB5_DES_40_CBC_MD5,
	SSL3_CK_KRB5_DES_40_CBC_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_DES|SSL_MD5    |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	0,
	40,
	56,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 2A VRS */
	{
	1,
	SSL3_TXT_KRB5_RC2_40_CBC_MD5,
	SSL3_CK_KRB5_RC2_40_CBC_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_RC2|SSL_MD5    |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	0,
	40,
	128,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},

/* Cipher 2B VRS */
	{
	1,
	SSL3_TXT_KRB5_RC4_40_CBC_MD5,
	SSL3_CK_KRB5_RC4_40_CBC_MD5,
	SSL_kKRB5|SSL_aKRB5|  SSL_RC4|SSL_MD5    |SSL_SSLV3,
	SSL_EXPORT|SSL_EXP40,
	0,
	128,
	128,
	SSL_ALL_CIPHERS,
	SSL_ALL_STRENGTHS,
	},
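Review bot: The two RC4 export entries (Cipher 28 and Cipher 2B) name `SSL3_TXT_KRB5_RC4_40_CBC_SHA` / `SSL3_CK_KRB5_RC4_40_CBC_SHA` and the matching `_MD5` pair, but the header sections of this commit define these identifiers without `_CBC` (`SSL3_CK_KRB5_RC4_40_SHA`, `SSL3_TXT_KRB5_RC4_40_MD5`, and so on). Unless the `_CBC` spellings are defined outside the visible hunks, the table will not compile when Kerberos support is enabled. Both entries also carry `128, 128` as their two bit-count fields although they are flagged `SSL_EXPORT|SSL_EXP40`; the RC2 export entries beside them use `40, 128`, and a 40-bit suite that reports 128 strength bits would be mis-ranked by anything that sorts or filters on that field. I would change them to `SSL3_TXT_KRB5_RC4_40_SHA,` and `SSL3_CK_KRB5_RC4_40_SHA,` with `40,` as the first of the two bit counts, and likewise for the MD5 entry. The `ssl3_ciphers[]` initializer starts and ends outside these hunks.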
+16 −0
@@ -209,6 +209,22 @@ extern "C" {

/*    VRS Additional Kerberos5 entries
 */
#define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
#define SSL_TXT_KRB5_RC4_128_SHA      SSL3_TXT_KRB5_RC4_128_SHA
#define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
#define SSL_TXT_KRB5_DES_64_CBC_MD5   SSL3_TXT_KRB5_DES_64_CBC_MD5       
#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA       
#define SSL_TXT_KRB5_RC4_128_MD5      SSL3_TXT_KRB5_RC4_128_MD5
#define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA 

#define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA 
#define SSL_TXT_KRB5_RC2_40_CBC_SHA   SSL3_TXT_KRB5_RC2_40_CBC_SHA 
#define SSL_TXT_KRB5_RC4_40_SHA	      SSL3_TXT_KRB5_RC4_40_SHA
#define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5 
#define SSL_TXT_KRB5_RC2_40_CBC_MD5   SSL3_TXT_KRB5_RC2_40_CBC_MD5 
#define SSL_TXT_KRB5_RC4_40_MD5	      SSL3_TXT_KRB5_RC4_40_MD5

#define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA
#define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5
#define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
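Review bot: In the added alias block, `SSL_TXT_KRB5_DES_192_CBC3_SHA` and `SSL_TXT_KRB5_IDEA_128_CBC_SHA` are each defined twice, in the positions where the MD5 variants would be expected from the surrounding order. As a result no `SSL_TXT_KRB5_DES_192_CBC3_MD5` or `SSL_TXT_KRB5_IDEA_128_CBC_MD5` alias exists in the visible lines. The second occurrences should probably read `#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5` and `#define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5`. The three defines that close the hunk repeat `SSL_TXT_KRB5_DES_40_CBC_SHA`, `SSL_TXT_KRB5_DES_40_CBC_MD5` and `SSL_TXT_KRB5_DES_64_CBC_SHA` from the new block; they look like the earlier definitions left in place, which is harmless as an identical redefinition but could be dropped.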
+35 −13
@@ -161,23 +161,29 @@ extern "C" {

#define SSL3_CK_FZA_DMS_NULL_SHA		0x0300001C
#define SSL3_CK_FZA_DMS_FZA_SHA			0x0300001D
#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
	 to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
	 of the ietf-tls list */
#define SSL3_CK_FZA_DMS_RC4_SHA			0x0300001E
#endif

/*    VRS Additional Kerberos5 entries
 */
#define SSL3_CK_KRB5_DES_40_CBC_SHA       	0x03000021
#define SSL3_CK_KRB5_DES_40_CBC_MD5       	0x03000022
#define SSL3_CK_KRB5_DES_64_CBC_SHA       	0x03000023
#define SSL3_CK_KRB5_DES_64_CBC_MD5       	0x03000024
#define SSL3_CK_KRB5_DES_192_CBC3_SHA 		0x03000025
#define SSL3_CK_KRB5_DES_192_CBC3_MD5 		0x03000026

#define SSL3_TXT_KRB5_DES_40_CBC_SHA  		"EXP-KRB5-DES-CBC-SHA"
#define SSL3_TXT_KRB5_DES_40_CBC_MD5  		"EXP-KRB5-DES-CBC-MD5"
#define SSL3_TXT_KRB5_DES_64_CBC_SHA  		"KRB5-DES-CBC-SHA"
#define SSL3_TXT_KRB5_DES_64_CBC_MD5  		"KRB5-DES-CBC-MD5"
#define SSL3_TXT_KRB5_DES_192_CBC3_SHA    	"KRB5-DES-CBC3-SHA"
#define SSL3_TXT_KRB5_DES_192_CBC3_MD5    	"KRB5-DES-CBC3-MD5"
#define SSL3_CK_KRB5_DES_64_CBC_SHA		0x0300001E
#define SSL3_CK_KRB5_DES_192_CBC3_SHA		0x0300001F
#define SSL3_CK_KRB5_RC4_128_SHA		0x03000020
#define SSL3_CK_KRB5_IDEA_128_CBC_SHA	       	0x03000021
#define SSL3_CK_KRB5_DES_64_CBC_MD5       	0x03000022
#define SSL3_CK_KRB5_DES_192_CBC3_SHA       	0x03000023
#define SSL3_CK_KRB5_RC4_128_MD5	       	0x03000024
#define SSL3_CK_KRB5_IDEA_128_CBC_SHA 		0x03000025

#define SSL3_CK_KRB5_DES_40_CBC_SHA 		0x03000026
#define SSL3_CK_KRB5_RC2_40_CBC_SHA 		0x03000027
#define SSL3_CK_KRB5_RC4_40_SHA	 		0x03000028
#define SSL3_CK_KRB5_DES_40_CBC_MD5 		0x03000029
#define SSL3_CK_KRB5_RC2_40_CBC_MD5 		0x0300002A
#define SSL3_CK_KRB5_RC4_40_MD5	 		0x0300002B

#define SSL3_TXT_RSA_NULL_MD5			"NULL-MD5"
#define SSL3_TXT_RSA_NULL_SHA			"NULL-SHA"
@@ -214,6 +220,22 @@ extern "C" {
#define SSL3_TXT_FZA_DMS_FZA_SHA		"FZA-FZA-CBC-SHA"
#define SSL3_TXT_FZA_DMS_RC4_SHA		"FZA-RC4-SHA"

#define SSL3_TXT_KRB5_DES_64_CBC_SHA		"KRB5-DES-CBC-SHA"
#define SSL3_TXT_KRB5_DES_192_CBC3_SHA		"KRB5-DES-CBC3-SHA"
#define SSL3_TXT_KRB5_RC4_128_SHA		"KRB5-RC4-SHA"
#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA	       	"KRB5-IDEA-CBC-SHA"
#define SSL3_TXT_KRB5_DES_64_CBC_MD5       	"KRB5-DES-CBC-MD5"
#define SSL3_TXT_KRB5_DES_192_CBC3_SHA       	"KRB5-DES-CBC3-SHA"
#define SSL3_TXT_KRB5_RC4_128_MD5		"KRB5-RC4-MD5"
#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA 		"KRB5-IDEA-CBC-SHA"

#define SSL3_TXT_KRB5_DES_40_CBC_SHA 		"EXP-KRB5-DES-CBC-SHA"
#define SSL3_TXT_KRB5_RC2_40_CBC_SHA 		"EXP-KRB5-RC2-CBC-SHA"
#define SSL3_TXT_KRB5_RC4_40_SHA	 	"EXP-KRB5-RC4-SHA"
#define SSL3_TXT_KRB5_DES_40_CBC_MD5 		"EXP-KRB5-DES-CBC-MD5"
#define SSL3_TXT_KRB5_DES_40_CBC_MD5 		"EXP-KRB5-DES-CBC-MD5"
#define SSL3_TXT_KRB5_RC4_40_MD5	 	"EXP-KRB5-RC4-MD5"

#define SSL3_SSL_SESSION_ID_LENGTH		32
#define SSL3_MAX_SSL_SESSION_ID_LENGTH		32
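Review bot: In the first hunk's new code-point block, `SSL3_CK_KRB5_DES_192_CBC3_SHA` is defined as both `0x0300001F` and `0x03000023`, and `SSL3_CK_KRB5_IDEA_128_CBC_SHA` as both `0x03000021` and `0x03000025`. A macro redefinition with a different value must be diagnosed by the compiler, and where it is accepted the later value typically replaces the earlier one, which would put the SHA suites on the wrong wire codes. The cipher table in this commit references `SSL3_CK_KRB5_DES_192_CBC3_MD5` and `SSL3_CK_KRB5_IDEA_128_CBC_MD5`, which no visible new line defines, so the second occurrences look like they were meant to be `#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023` and `#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025`. The `SSL3_TXT_` block in the second hunk repeats the same two `_SHA` names, and also defines `SSL3_TXT_KRB5_DES_40_CBC_MD5` twice while leaving out a text name for `SSL3_CK_KRB5_RC2_40_CBC_MD5`; those three lines need the corresponding `_MD5` and RC2 names and strings.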