Merge branch 'feature/Update-ndk-version-and-native-binaries-#6142' into develop

author: Parménides GV <parmegv@sdf.org> 2014-10-02 18:19:30 +0200
committer: Parménides GV <parmegv@sdf.org> 2014-10-02 18:19:30 +0200
commit: 34643c6b5ab0643383e24025876b0d69859ba4f9 (patch)
tree: cb15666fb01b0f0410327ae7aaa23df444ac3b4c /app/openssl/ssl/s3_lib.c
parent: 22b7ee4614a2f47d55496de8a9b55040c0f4ba85 (diff)
parent: 914c5156b014970dde717b9a27c0c69f11cc7d98 (diff)
1 files changed, 14 insertions, 17 deletions
diff --git a/app/openssl/ssl/s3_lib.c b/app/openssl/ssl/s3_lib.c
index f84da7f5..896d1e19 100644
--- a/app/openssl/ssl/s3_lib.c
+++ b/app/openssl/ssl/s3_lib.c
@@ -2828,35 +2828,34 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 #ifndef OPENSSL_NO_PSK
     /* ECDH PSK ciphersuites from RFC 5489 */
-
-	/* Cipher C037 */
+	/* Cipher C035 */
 	{
 	1,
-	TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
-	TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
+	TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+	TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
 	SSL_kEECDH,
 	SSL_aPSK,
 	SSL_AES128,
-	SSL_SHA256,
+	SSL_SHA1,
 	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF_SHA256,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	128,
 	128,
 	},
 
-	/* Cipher C038 */
+	/* Cipher C036 */
 	{
 	1,
-	TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
-	TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
+	TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+	TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
 	SSL_kEECDH,
 	SSL_aPSK,
 	SSL_AES256,
-	SSL_SHA384,
+	SSL_SHA1,
 	SSL_TLSV1,
-	SSL_NOT_EXP|SSL_HIGH,
-	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF_SHA384,
+	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
 	256,
 	256,
 	},
@@ -3412,8 +3411,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 		break;
 #endif
 	case SSL_CTRL_CHANNEL_ID:
-		if (!s->server)
-			break;
 		s->tlsext_channel_id_enabled = 1;
 		ret = 1;
 		break;
@@ -3429,7 +3426,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 			}
 		if (s->tlsext_channel_id_private)
 			EVP_PKEY_free(s->tlsext_channel_id_private);
-		s->tlsext_channel_id_private = (EVP_PKEY*) parg;
+		s->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg);
 		ret = 1;
 		break;
 
@@ -3744,7 +3741,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 			}
 		if (ctx->tlsext_channel_id_private)
 			EVP_PKEY_free(ctx->tlsext_channel_id_private);
-		ctx->tlsext_channel_id_private = (EVP_PKEY*) parg;
+		ctx->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg);
 		break;
 
 	default:
author	Parménides GV <parmegv@sdf.org>	2014-10-02 18:19:30 +0200
committer	Parménides GV <parmegv@sdf.org>	2014-10-02 18:19:30 +0200
commit	34643c6b5ab0643383e24025876b0d69859ba4f9 (patch)
tree	cb15666fb01b0f0410327ae7aaa23df444ac3b4c /app/openssl/ssl/s3_lib.c
parent	22b7ee4614a2f47d55496de8a9b55040c0f4ba85 (diff)
parent	914c5156b014970dde717b9a27c0c69f11cc7d98 (diff)