Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
8 个月 前同步成功

通知 8
Star 18
Fork 1
T
Third Party Openssl

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 ef28891b 编写于 作者: R Rich Salz 提交者: Matt Caswell
浏览文件
操作

Put DES into "not default" category. 

Add CVE to CHANGES
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
上级 d33726b9
隐藏空白更改
内联 并排
Showing with 14 addition and 13 deletion
CHANGES
浏览文件 @ ef28891b
...@@ -4,8 +4,9 @@ ...@@ -4,8 +4,9 @@
Changes between 1.0.2h and 1.1.0 [xx XXX xxxx] Changes between 1.0.2h and 1.1.0 [xx XXX xxxx]
*) Because of the SWEET32 attack, 3DES cipher suites have been disabled by *) To mitigate the SWEET32 attack (CVE-2016-2183), 3DES cipher suites
default like RC4. See the RC4 item below to re-enable both. have been disabled by default and removed from DEFAULT, just like RC4.
See the RC4 item below to re-enable both.
[Rich Salz] [Rich Salz]
*) The method for finding the storage location for the Windows RAND seed file *) The method for finding the storage location for the Windows RAND seed file
......
ssl/s3_lib.c
浏览文件 @ ef28891b
...@@ -57,7 +57,7 @@ ...@@ -57,7 +57,7 @@
#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers) #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
/* /*
* The list of available ciphers, organized into the following * The list of available ciphers, mostly organized into the following
* groups: * groups:
* Always there * Always there
* EC * EC
...@@ -108,7 +108,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -108,7 +108,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM | SSL_FIPS, SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
...@@ -138,7 +138,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -138,7 +138,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM | SSL_FIPS, SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
...@@ -862,7 +862,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -862,7 +862,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM | SSL_FIPS, SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
...@@ -924,7 +924,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -924,7 +924,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM | SSL_FIPS, SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
...@@ -1201,7 +1201,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -1201,7 +1201,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM | SSL_FIPS, SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
...@@ -1248,7 +1248,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -1248,7 +1248,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM | SSL_FIPS, SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
...@@ -1295,7 +1295,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -1295,7 +1295,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM | SSL_FIPS, SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
...@@ -1613,7 +1613,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -1613,7 +1613,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM | SSL_FIPS, SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
...@@ -1739,7 +1739,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -1739,7 +1739,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM, SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
...@@ -1754,7 +1754,7 @@ static SSL_CIPHER ssl3_ciphers[] = { ...@@ -1754,7 +1754,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
SSL_SHA1, SSL_SHA1,
SSL3_VERSION, TLS1_2_VERSION, SSL3_VERSION, TLS1_2_VERSION,
DTLS1_BAD_VER, DTLS1_2_VERSION, DTLS1_BAD_VER, DTLS1_2_VERSION,
SSL_MEDIUM, SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112, 112,
168, 168,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册