2 files changed, 52 insertions, 10 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index e66f841df3..acb35a8f25 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.74 2014/08/10 14:57:04 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.75 2014/08/10 15:06:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -282,7 +282,9 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 168,
        },
-        /* The Ephemeral DH ciphers */
+        /*
+         * Ephemeral DH (DHE) ciphers.
+         */
        /* Cipher 12 */
        {
@@ -396,7 +398,9 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 168,
        },
-        /* New AES ciphersuites */
+        /*
+         * AES ciphersuites.
+         */
        /* Cipher 2F */
        {
@@ -742,6 +746,7 @@ SSL_CIPHER ssl3_ciphers[] = {
        /* GOST Ciphersuites */
+        /* Cipher 80 */
        {
                .valid = 1,
                .name = "GOST94-GOST89-GOST89",
@@ -757,6 +762,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256
        },
+        /* Cipher 81 */
        {
                .valid = 1,
                .name = "GOST2001-GOST89-GOST89",
@@ -772,6 +779,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256
        },
+        /* Cipher 82 */
        {
                .valid = 1,
                .name = "GOST94-NULL-GOST94",
@@ -786,6 +795,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 0,
                .alg_bits = 0
        },
+        /* Cipher 83 */
        {
                .valid = 1,
                .name = "GOST2001-NULL-GOST94",
@@ -869,8 +880,9 @@ SSL_CIPHER ssl3_ciphers[] = {
        },
 #endif /* OPENSSL_NO_CAMELLIA */
+        /*
-        /* GCM ciphersuites from RFC5288 */
+         * GCM ciphersuites from RFC5288.
+         */
        /* Cipher 9C */
        {
@@ -1709,6 +1721,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256,
        },
+        /* Cipher FF01 */
        {
                .valid = 1,
                .name = "GOST-GOST94",
@@ -1723,6 +1737,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256
        },
+        /* Cipher FF02 */
        {
                .valid = 1,
                .name = "GOST-GOST89MAC",
@@ -1737,6 +1753,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256
        },
+        /* Cipher FF03 */
        {
                .valid = 1,
                .name = "GOST-GOST89STREAM",
@@ -1755,6 +1773,7 @@ SSL_CIPHER ssl3_ciphers[] = {
 #endif
 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+        /* Cipher CC13 */
        {
                .valid = 1,
                .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
@@ -1771,6 +1790,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 0,
        },
+        /* Cipher CC14 */
        {
                .valid = 1,
                .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
@@ -1787,6 +1807,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 0,
        },
+        /* Cipher CC15 */
        {
                .valid = 1,
                .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index e66f841df3..acb35a8f25 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.74 2014/08/10 14:57:04 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.75 2014/08/10 15:06:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -282,7 +282,9 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 168,
        },
-        /* The Ephemeral DH ciphers */
+        /*
+         * Ephemeral DH (DHE) ciphers.
+         */
        /* Cipher 12 */
        {
@@ -396,7 +398,9 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 168,
        },
-        /* New AES ciphersuites */
+        /*
+         * AES ciphersuites.
+         */
        /* Cipher 2F */
        {
@@ -742,6 +746,7 @@ SSL_CIPHER ssl3_ciphers[] = {
        /* GOST Ciphersuites */
+        /* Cipher 80 */
        {
                .valid = 1,
                .name = "GOST94-GOST89-GOST89",
@@ -757,6 +762,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256
        },
+        /* Cipher 81 */
        {
                .valid = 1,
                .name = "GOST2001-GOST89-GOST89",
@@ -772,6 +779,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256
        },
+        /* Cipher 82 */
        {
                .valid = 1,
                .name = "GOST94-NULL-GOST94",
@@ -786,6 +795,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 0,
                .alg_bits = 0
        },
+        /* Cipher 83 */
        {
                .valid = 1,
                .name = "GOST2001-NULL-GOST94",
@@ -869,8 +880,9 @@ SSL_CIPHER ssl3_ciphers[] = {
        },
 #endif /* OPENSSL_NO_CAMELLIA */
+        /*
-        /* GCM ciphersuites from RFC5288 */
+         * GCM ciphersuites from RFC5288.
+         */
        /* Cipher 9C */
        {
@@ -1709,6 +1721,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256,
        },
+        /* Cipher FF01 */
        {
                .valid = 1,
                .name = "GOST-GOST94",
@@ -1723,6 +1737,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256
        },
+        /* Cipher FF02 */
        {
                .valid = 1,
                .name = "GOST-GOST89MAC",
@@ -1737,6 +1753,8 @@ SSL_CIPHER ssl3_ciphers[] = {
                .strength_bits = 256,
                .alg_bits = 256
        },
+        /* Cipher FF03 */
        {
                .valid = 1,
                .name = "GOST-GOST89STREAM",
@@ -1755,6 +1773,7 @@ SSL_CIPHER ssl3_ciphers[] = {
 #endif
 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+        /* Cipher CC13 */
        {
                .valid = 1,
                .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
@@ -1771,6 +1790,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 0,
        },
+        /* Cipher CC14 */
        {
                .valid = 1,
                .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
@@ -1787,6 +1807,7 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 0,
        },
+        /* Cipher CC15 */
        {
                .valid = 1,
                .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index e66f841df3..acb35a8f25 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_lib.c,v 1.74 2014/08/10 14:57:04 jsing Exp $ */	1	/* $OpenBSD: s3_lib.c,v 1.75 2014/08/10 15:06:15 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -282,7 +282,9 @@ SSL_CIPHER ssl3_ciphers[] = {
282	.alg_bits = 168,	282	.alg_bits = 168,
283	},	283	},
284		284
285	/* The Ephemeral DH ciphers */	285	/*
		286	* Ephemeral DH (DHE) ciphers.
		287	*/
286		288
287	/* Cipher 12 */	289	/* Cipher 12 */
288	{	290	{
@@ -396,7 +398,9 @@ SSL_CIPHER ssl3_ciphers[] = {
396	.alg_bits = 168,	398	.alg_bits = 168,
397	},	399	},
398		400
399	/* New AES ciphersuites */	401	/*
		402	* AES ciphersuites.
		403	*/
400		404
401	/* Cipher 2F */	405	/* Cipher 2F */
402	{	406	{
@@ -742,6 +746,7 @@ SSL_CIPHER ssl3_ciphers[] = {
742		746
743	/* GOST Ciphersuites */	747	/* GOST Ciphersuites */
744		748
		749	/* Cipher 80 */
745	{	750	{
746	.valid = 1,	751	.valid = 1,
747	.name = "GOST94-GOST89-GOST89",	752	.name = "GOST94-GOST89-GOST89",
@@ -757,6 +762,8 @@ SSL_CIPHER ssl3_ciphers[] = {
757	.strength_bits = 256,	762	.strength_bits = 256,
758	.alg_bits = 256	763	.alg_bits = 256
759	},	764	},
		765
		766	/* Cipher 81 */
760	{	767	{
761	.valid = 1,	768	.valid = 1,
762	.name = "GOST2001-GOST89-GOST89",	769	.name = "GOST2001-GOST89-GOST89",
@@ -772,6 +779,8 @@ SSL_CIPHER ssl3_ciphers[] = {
772	.strength_bits = 256,	779	.strength_bits = 256,
773	.alg_bits = 256	780	.alg_bits = 256
774	},	781	},
		782
		783	/* Cipher 82 */
775	{	784	{
776	.valid = 1,	785	.valid = 1,
777	.name = "GOST94-NULL-GOST94",	786	.name = "GOST94-NULL-GOST94",
@@ -786,6 +795,8 @@ SSL_CIPHER ssl3_ciphers[] = {
786	.strength_bits = 0,	795	.strength_bits = 0,
787	.alg_bits = 0	796	.alg_bits = 0
788	},	797	},
		798
		799	/* Cipher 83 */
789	{	800	{
790	.valid = 1,	801	.valid = 1,
791	.name = "GOST2001-NULL-GOST94",	802	.name = "GOST2001-NULL-GOST94",
@@ -869,8 +880,9 @@ SSL_CIPHER ssl3_ciphers[] = {
869	},	880	},
870	#endif /* OPENSSL_NO_CAMELLIA */	881	#endif /* OPENSSL_NO_CAMELLIA */
871		882
872		883	/*
873	/* GCM ciphersuites from RFC5288 */	884	* GCM ciphersuites from RFC5288.
		885	*/
874		886
875	/* Cipher 9C */	887	/* Cipher 9C */
876	{	888	{
@@ -1709,6 +1721,8 @@ SSL_CIPHER ssl3_ciphers[] = {
1709	.strength_bits = 256,	1721	.strength_bits = 256,
1710	.alg_bits = 256,	1722	.alg_bits = 256,
1711	},	1723	},
		1724
		1725	/* Cipher FF01 */
1712	{	1726	{
1713	.valid = 1,	1727	.valid = 1,
1714	.name = "GOST-GOST94",	1728	.name = "GOST-GOST94",
@@ -1723,6 +1737,8 @@ SSL_CIPHER ssl3_ciphers[] = {
1723	.strength_bits = 256,	1737	.strength_bits = 256,
1724	.alg_bits = 256	1738	.alg_bits = 256
1725	},	1739	},
		1740
		1741	/* Cipher FF02 */
1726	{	1742	{
1727	.valid = 1,	1743	.valid = 1,
1728	.name = "GOST-GOST89MAC",	1744	.name = "GOST-GOST89MAC",
@@ -1737,6 +1753,8 @@ SSL_CIPHER ssl3_ciphers[] = {
1737	.strength_bits = 256,	1753	.strength_bits = 256,
1738	.alg_bits = 256	1754	.alg_bits = 256
1739	},	1755	},
		1756
		1757	/* Cipher FF03 */
1740	{	1758	{
1741	.valid = 1,	1759	.valid = 1,
1742	.name = "GOST-GOST89STREAM",	1760	.name = "GOST-GOST89STREAM",
@@ -1755,6 +1773,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1755	#endif	1773	#endif
1756		1774
1757	#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)	1775	#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
		1776	/* Cipher CC13 */
1758	{	1777	{
1759	.valid = 1,	1778	.valid = 1,
1760	.name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,	1779	.name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
@@ -1771,6 +1790,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1771	.alg_bits = 0,	1790	.alg_bits = 0,
1772	},	1791	},
1773		1792
		1793	/* Cipher CC14 */
1774	{	1794	{
1775	.valid = 1,	1795	.valid = 1,
1776	.name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,	1796	.name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
@@ -1787,6 +1807,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1787	.alg_bits = 0,	1807	.alg_bits = 0,
1788	},	1808	},
1789		1809
		1810	/* Cipher CC15 */
1790	{	1811	{
1791	.valid = 1,	1812	.valid = 1,
1792	.name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,	1813	.name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,


diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c index e66f841df3..acb35a8f25 100644 --- a/src/lib/libssl/src/ssl/s3_lib.c +++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_lib.c,v 1.74 2014/08/10 14:57:04 jsing Exp $ */	1	/* $OpenBSD: s3_lib.c,v 1.75 2014/08/10 15:06:15 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -282,7 +282,9 @@ SSL_CIPHER ssl3_ciphers[] = {
282	.alg_bits = 168,	282	.alg_bits = 168,
283	},	283	},
284		284
285	/* The Ephemeral DH ciphers */	285	/*
		286	* Ephemeral DH (DHE) ciphers.
		287	*/
286		288
287	/* Cipher 12 */	289	/* Cipher 12 */
288	{	290	{
@@ -396,7 +398,9 @@ SSL_CIPHER ssl3_ciphers[] = {
396	.alg_bits = 168,	398	.alg_bits = 168,
397	},	399	},
398		400
399	/* New AES ciphersuites */	401	/*
		402	* AES ciphersuites.
		403	*/
400		404
401	/* Cipher 2F */	405	/* Cipher 2F */
402	{	406	{
@@ -742,6 +746,7 @@ SSL_CIPHER ssl3_ciphers[] = {
742		746
743	/* GOST Ciphersuites */	747	/* GOST Ciphersuites */
744		748
		749	/* Cipher 80 */
745	{	750	{
746	.valid = 1,	751	.valid = 1,
747	.name = "GOST94-GOST89-GOST89",	752	.name = "GOST94-GOST89-GOST89",
@@ -757,6 +762,8 @@ SSL_CIPHER ssl3_ciphers[] = {
757	.strength_bits = 256,	762	.strength_bits = 256,
758	.alg_bits = 256	763	.alg_bits = 256
759	},	764	},
		765
		766	/* Cipher 81 */
760	{	767	{
761	.valid = 1,	768	.valid = 1,
762	.name = "GOST2001-GOST89-GOST89",	769	.name = "GOST2001-GOST89-GOST89",
@@ -772,6 +779,8 @@ SSL_CIPHER ssl3_ciphers[] = {
772	.strength_bits = 256,	779	.strength_bits = 256,
773	.alg_bits = 256	780	.alg_bits = 256
774	},	781	},
		782
		783	/* Cipher 82 */
775	{	784	{
776	.valid = 1,	785	.valid = 1,
777	.name = "GOST94-NULL-GOST94",	786	.name = "GOST94-NULL-GOST94",
@@ -786,6 +795,8 @@ SSL_CIPHER ssl3_ciphers[] = {
786	.strength_bits = 0,	795	.strength_bits = 0,
787	.alg_bits = 0	796	.alg_bits = 0
788	},	797	},
		798
		799	/* Cipher 83 */
789	{	800	{
790	.valid = 1,	801	.valid = 1,
791	.name = "GOST2001-NULL-GOST94",	802	.name = "GOST2001-NULL-GOST94",
@@ -869,8 +880,9 @@ SSL_CIPHER ssl3_ciphers[] = {
869	},	880	},
870	#endif /* OPENSSL_NO_CAMELLIA */	881	#endif /* OPENSSL_NO_CAMELLIA */
871		882
872		883	/*
873	/* GCM ciphersuites from RFC5288 */	884	* GCM ciphersuites from RFC5288.
		885	*/
874		886
875	/* Cipher 9C */	887	/* Cipher 9C */
876	{	888	{
@@ -1709,6 +1721,8 @@ SSL_CIPHER ssl3_ciphers[] = {
1709	.strength_bits = 256,	1721	.strength_bits = 256,
1710	.alg_bits = 256,	1722	.alg_bits = 256,
1711	},	1723	},
		1724
		1725	/* Cipher FF01 */
1712	{	1726	{
1713	.valid = 1,	1727	.valid = 1,
1714	.name = "GOST-GOST94",	1728	.name = "GOST-GOST94",
@@ -1723,6 +1737,8 @@ SSL_CIPHER ssl3_ciphers[] = {
1723	.strength_bits = 256,	1737	.strength_bits = 256,
1724	.alg_bits = 256	1738	.alg_bits = 256
1725	},	1739	},
		1740
		1741	/* Cipher FF02 */
1726	{	1742	{
1727	.valid = 1,	1743	.valid = 1,
1728	.name = "GOST-GOST89MAC",	1744	.name = "GOST-GOST89MAC",
@@ -1737,6 +1753,8 @@ SSL_CIPHER ssl3_ciphers[] = {
1737	.strength_bits = 256,	1753	.strength_bits = 256,
1738	.alg_bits = 256	1754	.alg_bits = 256
1739	},	1755	},
		1756
		1757	/* Cipher FF03 */
1740	{	1758	{
1741	.valid = 1,	1759	.valid = 1,
1742	.name = "GOST-GOST89STREAM",	1760	.name = "GOST-GOST89STREAM",
@@ -1755,6 +1773,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1755	#endif	1773	#endif
1756		1774
1757	#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)	1775	#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
		1776	/* Cipher CC13 */
1758	{	1777	{
1759	.valid = 1,	1778	.valid = 1,
1760	.name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,	1779	.name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
@@ -1771,6 +1790,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1771	.alg_bits = 0,	1790	.alg_bits = 0,
1772	},	1791	},
1773		1792
		1793	/* Cipher CC14 */
1774	{	1794	{
1775	.valid = 1,	1795	.valid = 1,
1776	.name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,	1796	.name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
@@ -1787,6 +1807,7 @@ SSL_CIPHER ssl3_ciphers[] = {
1787	.alg_bits = 0,	1807	.alg_bits = 0,
1788	},	1808	},
1789		1809
		1810	/* Cipher CC15 */
1790	{	1811	{
1791	.valid = 1,	1812	.valid = 1,
1792	.name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,	1813	.name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,