Add new experimental ciphersuites. Bring naming into line with RFC.

abed0b8a · Ben Laurie · 28db3401 · abed0b8a · abed0b8a
隐藏空白更改
内联并排

Showing with 57 addition and 12 deletion

ssl/s3_lib.c ssl/s3_lib.c +42 -6

ssl/tls1.h ssl/tls1.h +15 -6

未找到文件。
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -360,8 +360,8 @@ SSL_CIPHER ssl3_ciphers[]={
 	/* Cipher 60 */
 	    {
 	    1,
-	    TLS1_TXT_RSA_EXPORT56_WITH_RC4_56_MD5,
-	    TLS1_CK_RSA_EXPORT56_WITH_RC4_56_MD5,
+	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
+	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
 	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP56|SSL_TLSV1,
 	    0,
 	    SSL_ALL_CIPHERS
@@ -369,8 +369,8 @@ SSL_CIPHER ssl3_ciphers[]={
 	/* Cipher 61 */
 	    {
 	    1,
-	    TLS1_TXT_RSA_EXPORT56_WITH_RC2_CBC_56_MD5,
-	    TLS1_CK_RSA_EXPORT56_WITH_RC2_CBC_56_MD5,
+	    TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+	    TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
 	    SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP56|SSL_TLSV1,
 	    0,
 	    SSL_ALL_CIPHERS
@@ -378,12 +378,48 @@ SSL_CIPHER ssl3_ciphers[]={
 	/* Cipher 62 */
 	    {
 	    1,
-	    TLS1_TXT_RSA_EXPORT56_WITH_DES_CBC_SHA,
-	    TLS1_CK_RSA_EXPORT56_WITH_DES_CBC_SHA,
+	    TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+	    TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
 	    SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_EXP56|SSL_TLSV1,
 	    0,
 	    SSL_ALL_CIPHERS
 	    },
+	/* Cipher 63 */
+	    {
+	    1,
+	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+	    SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_EXP56|SSL_TLSV1,
+	    0,
+	    SSL_ALL_CIPHERS
+	    },
+	/* Cipher 64 */
+	    {
+	    1,
+	    TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
+	    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
+	    SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_EXP56|SSL_TLSV1,
+	    0,
+	    SSL_ALL_CIPHERS
+	    },
+	/* Cipher 65 */
+	    {
+	    1,
+	    TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+	    TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_EXP56|SSL_TLSV1,
+	    0,
+	    SSL_ALL_CIPHERS
+	    },
+	/* Cipher 66 */
+	    {
+	    1,
+	    TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
+	    TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
+	    SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
+	    0,
+	    SSL_ALL_CIPHERS
+	    },
 #endif

 /* end of list */

--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -84,13 +84,22 @@ extern "C" {
 #define TLS1_AD_USER_CANCLED		90
 #define TLS1_AD_NO_RENEGOTIATION	100

-#define TLS1_CK_RSA_EXPORT56_WITH_RC4_56_MD5		0x03000060
-#define TLS1_CK_RSA_EXPORT56_WITH_RC2_CBC_56_MD5	0x03000061
-#define TLS1_CK_RSA_EXPORT56_WITH_DES_CBC_SHA		0x03000062
+#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5		0x03000060
+#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5	0x03000061
+#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA		0x03000062
+#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA	0x03000063
+#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA		0x03000064
+#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA	0x03000065
+#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA		0x03000066
+
+#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5		"EXP1024-RC4-MD5"
+#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5	"EXP1024-RC2-CBC-MD5"
+#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA	"EXP1024-DES-CBC-SHA"
+#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA	"EXP1024-DHE-DSS-DES-CBC-SHA"
+#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA		"EXP1024-RC4-SHA"
+#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA	"EXP1024-DHE-DSS-RC4-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA		"DHE-DSS-RC4-SHA"

-#define TLS1_TXT_RSA_EXPORT56_WITH_RC4_56_MD5		"EXP56-RC4-MD5"
-#define TLS1_TXT_RSA_EXPORT56_WITH_RC2_CBC_56_MD5	"EXP56-RC2-CBC-MD5"
-#define TLS1_TXT_RSA_EXPORT56_WITH_DES_CBC_SHA		"EXP56-DES-CBC-SHA"

 #define TLS_CT_RSA_SIGN			1
 #define TLS_CT_DSS_SIGN			2