[openssl-dev] [openssl.org #4438] AutoReply: GOST ciphersuites and DTLS
Dmitry Belyavsky via RT
rt at openssl.org
Sun Apr 3 10:03:04 UTC 2016
Hello!
The patch marking the GOST ciphersuites DTLS-uncapable is attached.
Thank you!
On Thu, Mar 17, 2016 at 4:28 PM, The default queue via RT <rt at openssl.org>
wrote:
>
> Greetings,
>
> This message has been automatically generated in response to the
> creation of a trouble ticket regarding:
> "GOST ciphersuites and DTLS",
> a summary of which appears below.
>
> There is no need to reply to this message right now. Your ticket has been
> assigned an ID of [openssl.org #4438].
>
> Please include the string:
>
> [openssl.org #4438]
>
> in the subject line of all future correspondence about this issue. To do
> so,
> you may reply to this message.
>
> Thank you,
> rt at openssl.org
>
> -------------------------------------------------------------------------
> Hello OpenSSL team,
>
> The GOST ciphersuites currently defined are not DTLS-capable.
>
> So it should be fixed in the ssl/s3_lib.c file.
>
> Thank you!
>
> --
> SY, Dmitry Belyavsky
>
>
> -------------------------------------------------------------------------
> http://rt.openssl.org/Ticket/Display.html?id=4438&user=guest&pass=guest
>
--
SY, Dmitry Belyavsky
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4438
Please log in as guest with password guest if prompted
-------------- next part --------------
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index ef65050..46987a9 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2506,7 +2506,7 @@ static SSL_CIPHER ssl3_ciphers[] =
SSL_eGOST2814789CNT,
SSL_GOST89MAC,
TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_VERSION, DTLS1_2_VERSION,
+ 0, 0,
SSL_HIGH,
SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
256,
@@ -2521,7 +2521,7 @@ static SSL_CIPHER ssl3_ciphers[] =
SSL_eNULL,
SSL_GOST94,
TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_VERSION, DTLS1_2_VERSION,
+ 0, 0,
SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
0,
@@ -2536,7 +2536,7 @@ static SSL_CIPHER ssl3_ciphers[] =
SSL_eGOST2814789CNT12,
SSL_GOST89MAC12,
TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_VERSION, DTLS1_2_VERSION,
+ 0, 0,
SSL_HIGH,
SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
256,
@@ -2551,7 +2551,7 @@ static SSL_CIPHER ssl3_ciphers[] =
SSL_eNULL,
SSL_GOST12_256,
TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_VERSION, DTLS1_2_VERSION,
+ 0, 0,
SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
0,
More information about the openssl-dev
mailing list