diff options
| author | Parménides GV <parmegv@sdf.org> | 2014-10-02 18:07:56 +0200 |
|---|---|---|
| committer | Parménides GV <parmegv@sdf.org> | 2014-10-02 18:07:56 +0200 |
| commit | 914c5156b014970dde717b9a27c0c69f11cc7d98 (patch) | |
| tree | cb15666fb01b0f0410327ae7aaa23df444ac3b4c /app/openssl/ssl/s3_lib.c | |
| parent | 22b7ee4614a2f47d55496de8a9b55040c0f4ba85 (diff) | |
Binaries from r885 of ics-openvpn, ndk10b 32 bits.
We don't support 64 bits targets because of https://code.google.com/p/android/issues/detail?id=77004&thanks=77004&ts=1412248443.
Diffstat (limited to 'app/openssl/ssl/s3_lib.c')
| -rw-r--r-- | app/openssl/ssl/s3_lib.c | 31 |
1 files changed, 14 insertions, 17 deletions
diff --git a/app/openssl/ssl/s3_lib.c b/app/openssl/ssl/s3_lib.c index f84da7f5..896d1e19 100644 --- a/app/openssl/ssl/s3_lib.c +++ b/app/openssl/ssl/s3_lib.c @@ -2828,35 +2828,34 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ #ifndef OPENSSL_NO_PSK /* ECDH PSK ciphersuites from RFC 5489 */ - - /* Cipher C037 */ + /* Cipher C035 */ { 1, - TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256, - TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256, + TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA, + TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA, SSL_kEECDH, SSL_aPSK, SSL_AES128, - SSL_SHA256, + SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP|SSL_HIGH, - SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF_SHA256, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 128, 128, }, - /* Cipher C038 */ + /* Cipher C036 */ { 1, - TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384, - TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384, + TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA, + TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA, SSL_kEECDH, SSL_aPSK, SSL_AES256, - SSL_SHA384, + SSL_SHA1, SSL_TLSV1, - SSL_NOT_EXP|SSL_HIGH, - SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF_SHA384, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 256, 256, }, @@ -3412,8 +3411,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) break; #endif case SSL_CTRL_CHANNEL_ID: - if (!s->server) - break; s->tlsext_channel_id_enabled = 1; ret = 1; break; @@ -3429,7 +3426,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) } if (s->tlsext_channel_id_private) EVP_PKEY_free(s->tlsext_channel_id_private); - s->tlsext_channel_id_private = (EVP_PKEY*) parg; + s->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg); ret = 1; break; @@ -3744,7 +3741,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) } if (ctx->tlsext_channel_id_private) EVP_PKEY_free(ctx->tlsext_channel_id_private); - ctx->tlsext_channel_id_private = (EVP_PKEY*) parg; + ctx->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg); break; default: |