summaryrefslogtreecommitdiff
path: root/main/openssl/include
diff options
context:
space:
mode:
Diffstat (limited to 'main/openssl/include')
-rw-r--r--main/openssl/include/openssl/opensslconf-32.h6
-rw-r--r--main/openssl/include/openssl/opensslconf-64.h6
-rw-r--r--main/openssl/include/openssl/opensslconf-static-32.h6
-rw-r--r--main/openssl/include/openssl/opensslconf-static-64.h6
-rw-r--r--main/openssl/include/openssl/ssl.h1
-rw-r--r--main/openssl/include/openssl/tls1.h14
6 files changed, 33 insertions, 6 deletions
diff --git a/main/openssl/include/openssl/opensslconf-32.h b/main/openssl/include/openssl/opensslconf-32.h
index d6625489..caf6f1b8 100644
--- a/main/openssl/include/openssl/opensslconf-32.h
+++ b/main/openssl/include/openssl/opensslconf-32.h
@@ -53,6 +53,9 @@
#ifndef OPENSSL_NO_RFC3779
# define OPENSSL_NO_RFC3779
#endif
+#ifndef OPENSSL_NO_RIPEMD
+# define OPENSSL_NO_RIPEMD
+#endif
#ifndef OPENSSL_NO_RSAX
# define OPENSSL_NO_RSAX
#endif
@@ -137,6 +140,9 @@
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
# define NO_RFC3779
# endif
+# if defined(OPENSSL_NO_RIPEMD) && !defined(NO_RIPEMD)
+# define NO_RIPEMD
+# endif
# if defined(OPENSSL_NO_RSAX) && !defined(NO_RSAX)
# define NO_RSAX
# endif
diff --git a/main/openssl/include/openssl/opensslconf-64.h b/main/openssl/include/openssl/opensslconf-64.h
index 70c5a2cb..88fb0419 100644
--- a/main/openssl/include/openssl/opensslconf-64.h
+++ b/main/openssl/include/openssl/opensslconf-64.h
@@ -53,6 +53,9 @@
#ifndef OPENSSL_NO_RFC3779
# define OPENSSL_NO_RFC3779
#endif
+#ifndef OPENSSL_NO_RIPEMD
+# define OPENSSL_NO_RIPEMD
+#endif
#ifndef OPENSSL_NO_RSAX
# define OPENSSL_NO_RSAX
#endif
@@ -137,6 +140,9 @@
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
# define NO_RFC3779
# endif
+# if defined(OPENSSL_NO_RIPEMD) && !defined(NO_RIPEMD)
+# define NO_RIPEMD
+# endif
# if defined(OPENSSL_NO_RSAX) && !defined(NO_RSAX)
# define NO_RSAX
# endif
diff --git a/main/openssl/include/openssl/opensslconf-static-32.h b/main/openssl/include/openssl/opensslconf-static-32.h
index d6625489..caf6f1b8 100644
--- a/main/openssl/include/openssl/opensslconf-static-32.h
+++ b/main/openssl/include/openssl/opensslconf-static-32.h
@@ -53,6 +53,9 @@
#ifndef OPENSSL_NO_RFC3779
# define OPENSSL_NO_RFC3779
#endif
+#ifndef OPENSSL_NO_RIPEMD
+# define OPENSSL_NO_RIPEMD
+#endif
#ifndef OPENSSL_NO_RSAX
# define OPENSSL_NO_RSAX
#endif
@@ -137,6 +140,9 @@
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
# define NO_RFC3779
# endif
+# if defined(OPENSSL_NO_RIPEMD) && !defined(NO_RIPEMD)
+# define NO_RIPEMD
+# endif
# if defined(OPENSSL_NO_RSAX) && !defined(NO_RSAX)
# define NO_RSAX
# endif
diff --git a/main/openssl/include/openssl/opensslconf-static-64.h b/main/openssl/include/openssl/opensslconf-static-64.h
index 70c5a2cb..88fb0419 100644
--- a/main/openssl/include/openssl/opensslconf-static-64.h
+++ b/main/openssl/include/openssl/opensslconf-static-64.h
@@ -53,6 +53,9 @@
#ifndef OPENSSL_NO_RFC3779
# define OPENSSL_NO_RFC3779
#endif
+#ifndef OPENSSL_NO_RIPEMD
+# define OPENSSL_NO_RIPEMD
+#endif
#ifndef OPENSSL_NO_RSAX
# define OPENSSL_NO_RSAX
#endif
@@ -137,6 +140,9 @@
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
# define NO_RFC3779
# endif
+# if defined(OPENSSL_NO_RIPEMD) && !defined(NO_RIPEMD)
+# define NO_RIPEMD
+# endif
# if defined(OPENSSL_NO_RSAX) && !defined(NO_RSAX)
# define NO_RSAX
# endif
diff --git a/main/openssl/include/openssl/ssl.h b/main/openssl/include/openssl/ssl.h
index 06bb90f8..a85841b3 100644
--- a/main/openssl/include/openssl/ssl.h
+++ b/main/openssl/include/openssl/ssl.h
@@ -1816,6 +1816,7 @@ int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits);
char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
+const char * SSL_CIPHER_authentication_method(const SSL_CIPHER* cipher);
int SSL_get_fd(const SSL *s);
int SSL_get_rfd(const SSL *s);
diff --git a/main/openssl/include/openssl/tls1.h b/main/openssl/include/openssl/tls1.h
index 66520893..b9a0899e 100644
--- a/main/openssl/include/openssl/tls1.h
+++ b/main/openssl/include/openssl/tls1.h
@@ -532,9 +532,11 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
-/* ECDHE PSK ciphersuites from RFC 5489 */
-#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0x0300C037
-#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0x0300C038
+/* ECDHE PSK ciphersuites from RFC5489
+ * SHA-2 cipher suites are omitted because they cannot be used safely with
+ * SSLv3. */
+#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035
+#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036
/* XXX
* Inconsistency alert:
@@ -687,9 +689,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
-/* ECDHE PSK ciphersuites from RFC 5489 */
-#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "ECDHE-PSK-WITH-AES-128-CBC-SHA256"
-#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "ECDHE-PSK-WITH-AES-256-CBC-SHA384"
+/* ECDHE PSK ciphersuites from RFC5489 */
+#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA"
+#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA"
#define TLS_CT_RSA_SIGN 1
#define TLS_CT_DSS_SIGN 2
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-18 20:02:21 +0000