Specify the correct strength bits for 3DES cipher suites.

From OpenSSL. ok miod@
author: jsing <> 2014-06-21 16:51:48 +0000
committer: jsing <> 2014-06-21 16:51:48 +0000
commit: 01ebd0cfc6bad80679edbaa1924e5d9323c29b2e (patch)
tree: b2f611b764b2a2623af35b8d9fabff6c3cb48b60 /src/lib
parent: 48daf116bc22f85719fc5d16fb0e632fb74fa73c (diff)
download: openbsd-01ebd0cfc6bad80679edbaa1924e5d9323c29b2e.tar.gz
openbsd-01ebd0cfc6bad80679edbaa1924e5d9323c29b2e.tar.bz2
openbsd-01ebd0cfc6bad80679edbaa1924e5d9323c29b2e.zip
2 files changed, 26 insertions, 30 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index fa7df59779..1e8eaa99d4 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.61 2014/06/13 13:28:53 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.62 2014/06/21 16:51:48 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -328,7 +328,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -377,7 +377,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -425,7 +425,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -474,7 +474,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -522,7 +522,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -602,7 +602,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1293,7 +1293,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1592,7 +1592,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1672,7 +1672,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1752,7 +1752,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1832,7 +1832,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1912,7 +1912,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -2225,8 +2225,6 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 256,
        },
 #ifdef TEMP_GOST_TLS
        /* Cipher FF00 */
        {
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index fa7df59779..1e8eaa99d4 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.61 2014/06/13 13:28:53 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.62 2014/06/21 16:51:48 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -328,7 +328,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -377,7 +377,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -425,7 +425,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -474,7 +474,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -522,7 +522,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -602,7 +602,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_SSLV3,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1293,7 +1293,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1592,7 +1592,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1672,7 +1672,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1752,7 +1752,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1832,7 +1832,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -1912,7 +1912,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .algorithm_ssl = SSL_TLSV1,
                .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
                .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-                .strength_bits = 168,
+                .strength_bits = 112,
                .alg_bits = 168,
        },
@@ -2225,8 +2225,6 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 256,
        },
 #ifdef TEMP_GOST_TLS
        /* Cipher FF00 */
        {
author	jsing <>	2014-06-21 16:51:48 +0000
committer	jsing <>	2014-06-21 16:51:48 +0000
commit	01ebd0cfc6bad80679edbaa1924e5d9323c29b2e (patch)
tree	b2f611b764b2a2623af35b8d9fabff6c3cb48b60 /src/lib
parent	48daf116bc22f85719fc5d16fb0e632fb74fa73c (diff)
download	openbsd-01ebd0cfc6bad80679edbaa1924e5d9323c29b2e.tar.gz openbsd-01ebd0cfc6bad80679edbaa1924e5d9323c29b2e.tar.bz2 openbsd-01ebd0cfc6bad80679edbaa1924e5d9323c29b2e.zip

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index fa7df59779..1e8eaa99d4 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_lib.c,v 1.61 2014/06/13 13:28:53 jsing Exp $ */	1	/* $OpenBSD: s3_lib.c,v 1.62 2014/06/21 16:51:48 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -328,7 +328,7 @@ SSL_CIPHER ssl3_ciphers[] = {
328	.algorithm_ssl = SSL_SSLV3,	328	.algorithm_ssl = SSL_SSLV3,
329	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	329	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
330	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	330	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
331	.strength_bits = 168,	331	.strength_bits = 112,
332	.alg_bits = 168,	332	.alg_bits = 168,
333	},	333	},
334		334
@@ -377,7 +377,7 @@ SSL_CIPHER ssl3_ciphers[] = {
377	.algorithm_ssl = SSL_SSLV3,	377	.algorithm_ssl = SSL_SSLV3,
378	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	378	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
379	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	379	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
380	.strength_bits = 168,	380	.strength_bits = 112,
381	.alg_bits = 168,	381	.alg_bits = 168,
382	},	382	},
383		383
@@ -425,7 +425,7 @@ SSL_CIPHER ssl3_ciphers[] = {
425	.algorithm_ssl = SSL_SSLV3,	425	.algorithm_ssl = SSL_SSLV3,
426	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	426	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
427	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	427	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
428	.strength_bits = 168,	428	.strength_bits = 112,
429	.alg_bits = 168,	429	.alg_bits = 168,
430	},	430	},
431		431
@@ -474,7 +474,7 @@ SSL_CIPHER ssl3_ciphers[] = {
474	.algorithm_ssl = SSL_SSLV3,	474	.algorithm_ssl = SSL_SSLV3,
475	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	475	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
476	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	476	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
477	.strength_bits = 168,	477	.strength_bits = 112,
478	.alg_bits = 168,	478	.alg_bits = 168,
479	},	479	},
480		480
@@ -522,7 +522,7 @@ SSL_CIPHER ssl3_ciphers[] = {
522	.algorithm_ssl = SSL_SSLV3,	522	.algorithm_ssl = SSL_SSLV3,
523	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	523	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
524	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	524	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
525	.strength_bits = 168,	525	.strength_bits = 112,
526	.alg_bits = 168,	526	.alg_bits = 168,
527	},	527	},
528		528
@@ -602,7 +602,7 @@ SSL_CIPHER ssl3_ciphers[] = {
602	.algorithm_ssl = SSL_SSLV3,	602	.algorithm_ssl = SSL_SSLV3,
603	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	603	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
604	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	604	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
605	.strength_bits = 168,	605	.strength_bits = 112,
606	.alg_bits = 168,	606	.alg_bits = 168,
607	},	607	},
608		608
@@ -1293,7 +1293,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1293	.algorithm_ssl = SSL_TLSV1,	1293	.algorithm_ssl = SSL_TLSV1,
1294	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1294	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1295	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1295	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1296	.strength_bits = 168,	1296	.strength_bits = 112,
1297	.alg_bits = 168,	1297	.alg_bits = 168,
1298	},	1298	},
1299		1299
@@ -1592,7 +1592,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1592	.algorithm_ssl = SSL_TLSV1,	1592	.algorithm_ssl = SSL_TLSV1,
1593	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1593	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1594	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1594	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1595	.strength_bits = 168,	1595	.strength_bits = 112,
1596	.alg_bits = 168,	1596	.alg_bits = 168,
1597	},	1597	},
1598		1598
@@ -1672,7 +1672,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1672	.algorithm_ssl = SSL_TLSV1,	1672	.algorithm_ssl = SSL_TLSV1,
1673	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1673	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1674	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1674	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1675	.strength_bits = 168,	1675	.strength_bits = 112,
1676	.alg_bits = 168,	1676	.alg_bits = 168,
1677	},	1677	},
1678		1678
@@ -1752,7 +1752,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1752	.algorithm_ssl = SSL_TLSV1,	1752	.algorithm_ssl = SSL_TLSV1,
1753	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1753	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1754	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1754	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1755	.strength_bits = 168,	1755	.strength_bits = 112,
1756	.alg_bits = 168,	1756	.alg_bits = 168,
1757	},	1757	},
1758		1758
@@ -1832,7 +1832,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1832	.algorithm_ssl = SSL_TLSV1,	1832	.algorithm_ssl = SSL_TLSV1,
1833	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1833	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1834	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1834	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1835	.strength_bits = 168,	1835	.strength_bits = 112,
1836	.alg_bits = 168,	1836	.alg_bits = 168,
1837	},	1837	},
1838		1838
@@ -1912,7 +1912,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1912	.algorithm_ssl = SSL_TLSV1,	1912	.algorithm_ssl = SSL_TLSV1,
1913	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1913	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1914	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1914	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1915	.strength_bits = 168,	1915	.strength_bits = 112,
1916	.alg_bits = 168,	1916	.alg_bits = 168,
1917	},	1917	},
1918		1918
@@ -2225,8 +2225,6 @@ SSL_CIPHER ssl3_ciphers[] = {
2225	.alg_bits = 256,	2225	.alg_bits = 256,
2226	},	2226	},
2227		2227
2228
2229
2230	#ifdef TEMP_GOST_TLS	2228	#ifdef TEMP_GOST_TLS
2231	/* Cipher FF00 */	2229	/* Cipher FF00 */
2232	{	2230	{


diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c index fa7df59779..1e8eaa99d4 100644 --- a/src/lib/libssl/src/ssl/s3_lib.c +++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_lib.c,v 1.61 2014/06/13 13:28:53 jsing Exp $ */	1	/* $OpenBSD: s3_lib.c,v 1.62 2014/06/21 16:51:48 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -328,7 +328,7 @@ SSL_CIPHER ssl3_ciphers[] = {
328	.algorithm_ssl = SSL_SSLV3,	328	.algorithm_ssl = SSL_SSLV3,
329	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	329	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
330	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	330	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
331	.strength_bits = 168,	331	.strength_bits = 112,
332	.alg_bits = 168,	332	.alg_bits = 168,
333	},	333	},
334		334
@@ -377,7 +377,7 @@ SSL_CIPHER ssl3_ciphers[] = {
377	.algorithm_ssl = SSL_SSLV3,	377	.algorithm_ssl = SSL_SSLV3,
378	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	378	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
379	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	379	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
380	.strength_bits = 168,	380	.strength_bits = 112,
381	.alg_bits = 168,	381	.alg_bits = 168,
382	},	382	},
383		383
@@ -425,7 +425,7 @@ SSL_CIPHER ssl3_ciphers[] = {
425	.algorithm_ssl = SSL_SSLV3,	425	.algorithm_ssl = SSL_SSLV3,
426	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	426	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
427	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	427	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
428	.strength_bits = 168,	428	.strength_bits = 112,
429	.alg_bits = 168,	429	.alg_bits = 168,
430	},	430	},
431		431
@@ -474,7 +474,7 @@ SSL_CIPHER ssl3_ciphers[] = {
474	.algorithm_ssl = SSL_SSLV3,	474	.algorithm_ssl = SSL_SSLV3,
475	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	475	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
476	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	476	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
477	.strength_bits = 168,	477	.strength_bits = 112,
478	.alg_bits = 168,	478	.alg_bits = 168,
479	},	479	},
480		480
@@ -522,7 +522,7 @@ SSL_CIPHER ssl3_ciphers[] = {
522	.algorithm_ssl = SSL_SSLV3,	522	.algorithm_ssl = SSL_SSLV3,
523	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	523	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
524	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	524	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
525	.strength_bits = 168,	525	.strength_bits = 112,
526	.alg_bits = 168,	526	.alg_bits = 168,
527	},	527	},
528		528
@@ -602,7 +602,7 @@ SSL_CIPHER ssl3_ciphers[] = {
602	.algorithm_ssl = SSL_SSLV3,	602	.algorithm_ssl = SSL_SSLV3,
603	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	603	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
604	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	604	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
605	.strength_bits = 168,	605	.strength_bits = 112,
606	.alg_bits = 168,	606	.alg_bits = 168,
607	},	607	},
608		608
@@ -1293,7 +1293,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1293	.algorithm_ssl = SSL_TLSV1,	1293	.algorithm_ssl = SSL_TLSV1,
1294	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1294	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1295	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1295	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1296	.strength_bits = 168,	1296	.strength_bits = 112,
1297	.alg_bits = 168,	1297	.alg_bits = 168,
1298	},	1298	},
1299		1299
@@ -1592,7 +1592,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1592	.algorithm_ssl = SSL_TLSV1,	1592	.algorithm_ssl = SSL_TLSV1,
1593	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1593	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1594	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1594	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1595	.strength_bits = 168,	1595	.strength_bits = 112,
1596	.alg_bits = 168,	1596	.alg_bits = 168,
1597	},	1597	},
1598		1598
@@ -1672,7 +1672,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1672	.algorithm_ssl = SSL_TLSV1,	1672	.algorithm_ssl = SSL_TLSV1,
1673	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1673	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1674	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1674	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1675	.strength_bits = 168,	1675	.strength_bits = 112,
1676	.alg_bits = 168,	1676	.alg_bits = 168,
1677	},	1677	},
1678		1678
@@ -1752,7 +1752,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1752	.algorithm_ssl = SSL_TLSV1,	1752	.algorithm_ssl = SSL_TLSV1,
1753	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1753	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1754	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1754	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1755	.strength_bits = 168,	1755	.strength_bits = 112,
1756	.alg_bits = 168,	1756	.alg_bits = 168,
1757	},	1757	},
1758		1758
@@ -1832,7 +1832,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1832	.algorithm_ssl = SSL_TLSV1,	1832	.algorithm_ssl = SSL_TLSV1,
1833	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1833	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1834	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1834	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1835	.strength_bits = 168,	1835	.strength_bits = 112,
1836	.alg_bits = 168,	1836	.alg_bits = 168,
1837	},	1837	},
1838		1838
@@ -1912,7 +1912,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1912	.algorithm_ssl = SSL_TLSV1,	1912	.algorithm_ssl = SSL_TLSV1,
1913	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,	1913	.algo_strength = SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
1914	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,	1914	.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
1915	.strength_bits = 168,	1915	.strength_bits = 112,
1916	.alg_bits = 168,	1916	.alg_bits = 168,
1917	},	1917	},
1918		1918
@@ -2225,8 +2225,6 @@ SSL_CIPHER ssl3_ciphers[] = {
2225	.alg_bits = 256,	2225	.alg_bits = 256,
2226	},	2226	},
2227		2227
2228
2229
2230	#ifdef TEMP_GOST_TLS	2228	#ifdef TEMP_GOST_TLS
2231	/* Cipher FF00 */	2229	/* Cipher FF00 */
2232	{	2230	{