diff options
author | Richard Levitte <levitte@openssl.org> | 2002-07-18 18:19:26 +0400 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2002-07-18 18:19:26 +0400 |
commit | 8b98de6653d2918d9b855fc57736b85adbfceb24 (patch) | |
tree | 6c51fa1583828a0dd44b40095e9c71f1287b26fe /ssl | |
parent | 951d8e0d6b1d66789f87ef8f492bdccd3b9b61e4 (diff) |
Merge in the latest chanegs from 0.9.6-stable.
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s2_lib.c | 4 | ||||
-rw-r--r-- | ssl/s3_enc.c | 10 | ||||
-rw-r--r-- | ssl/s3_lib.c | 8 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 15 | ||||
-rw-r--r-- | ssl/t1_enc.c | 10 |
5 files changed, 31 insertions, 16 deletions
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index a590dbfa5c..8bcd7f4903 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -76,7 +76,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={ SSL2_TXT_NULL_WITH_MD5, SSL2_CK_NULL_WITH_MD5, SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2, - SSL_EXPORT|SSL_EXP40, + SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE, + 0, 0, 0, SSL_ALL_CIPHERS, @@ -196,6 +197,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={ SSL2_TXT_NULL, SSL2_CK_NULL, 0, + SSL_STRONG_NONE, 0, 0, 0, diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 1944814ca7..79fa4f97c2 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -368,10 +368,16 @@ int ssl3_setup_key_block(SSL *s) */ s->s3->need_empty_fragments = 1; + if (s->session->cipher != NULL) + { + if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL) + s->s3->need_empty_fragments = 0; + #ifndef NO_RC4 - if ((s->session->cipher != NULL) && ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)) - s->s3->need_empty_fragments = 0; + if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4) + s->s3->need_empty_fragments = 0; #endif + } } return(1); diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 57a3fa4f81..9951ebb419 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -129,7 +129,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL3_TXT_RSA_NULL_MD5, SSL3_CK_RSA_NULL_MD5, SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3, - SSL_NOT_EXP, + SSL_NOT_EXP|SSL_STRONG_NONE, 0, 0, 0, @@ -142,7 +142,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL3_TXT_RSA_NULL_SHA, SSL3_CK_RSA_NULL_SHA, SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, + SSL_NOT_EXP|SSL_STRONG_NONE, 0, 0, 0, @@ -490,7 +490,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL3_TXT_FZA_DMS_NULL_SHA, SSL3_CK_FZA_DMS_NULL_SHA, SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, + SSL_NOT_EXP|SSL_STRONG_NONE, 0, 0, 0, @@ -504,7 +504,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL3_TXT_FZA_DMS_FZA_SHA, SSL3_CK_FZA_DMS_FZA_SHA, SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, + SSL_NOT_EXP|SSL_STRONG_NONE, 0, 0, 0, diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 516d3cc5ae..9297cd2dc3 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -283,16 +283,17 @@ #define SSL_NOT_EXP 0x00000001L #define SSL_EXPORT 0x00000002L -#define SSL_STRONG_MASK 0x0000007cL -#define SSL_EXP40 0x00000004L +#define SSL_STRONG_MASK 0x000000fcL +#define SSL_STRONG_NONE 0x00000004L +#define SSL_EXP40 0x00000008L #define SSL_MICRO (SSL_EXP40) -#define SSL_EXP56 0x00000008L +#define SSL_EXP56 0x00000010L #define SSL_MINI (SSL_EXP56) -#define SSL_LOW 0x00000010L -#define SSL_MEDIUM 0x00000020L -#define SSL_HIGH 0x00000040L +#define SSL_LOW 0x00000020L +#define SSL_MEDIUM 0x00000040L +#define SSL_HIGH 0x00000080L -/* we have used 0000007f - 25 bits left to go */ +/* we have used 000000ff - 24 bits left to go */ /* * Macros to check the export status and cipher strength for export ciphers. diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 000bfa7248..f3ecc5f586 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -440,10 +440,16 @@ printf("\nkey block\n"); */ s->s3->need_empty_fragments = 1; + if (s->session->cipher != NULL) + { + if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL) + s->s3->need_empty_fragments = 0; + #ifndef NO_RC4 - if ((s->session->cipher != NULL) && ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)) - s->s3->need_empty_fragments = 0; + if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4) + s->s3->need_empty_fragments = 0; #endif + } } return(1); |