[ssl] Prefer SSL_k(EC)?DHE to the SSL_kE(EC)?DH alias

`SSL_kECDHE` and `SSL_kEECDH`, and `SSL_kDHE` and `SSL_kEDH` are already
marked as aliases of each other in the headers.
This commit, for each pair, replaces the leftover uses of the latter
synonym with the first one, which is considered more common.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17763)

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 3b3cc8a32ae21fab25c26c4b8b1ab7fa155e1756..101d879faf5bc2d0bdd89173917f55bd96612f29 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2168,7 +2168,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
      TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
      TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
      TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
-     SSL_kEDH,
+     SSL_kDHE,
      SSL_aDSS,
      SSL_CAMELLIA128,
      SSL_SHA256,
@@ -2184,7 +2184,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
      TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
      TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
      TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
-     SSL_kEDH,
+     SSL_kDHE,
      SSL_aRSA,
      SSL_CAMELLIA128,
      SSL_SHA256,
@@ -2200,7 +2200,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
      TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
      TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
      TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
-     SSL_kEDH,
+     SSL_kDHE,
      SSL_aNULL,
      SSL_CAMELLIA128,
      SSL_SHA256,
@@ -2232,7 +2232,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
      TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
      TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
      TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
-     SSL_kEDH,
+     SSL_kDHE,
      SSL_aDSS,
      SSL_CAMELLIA256,
      SSL_SHA256,
@@ -2248,7 +2248,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
      TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
      TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
      TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
-     SSL_kEDH,
+     SSL_kDHE,
      SSL_aRSA,
      SSL_CAMELLIA256,
      SSL_SHA256,
@@ -2264,7 +2264,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
      TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
      TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
      TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
-     SSL_kEDH,
+     SSL_kDHE,
      SSL_aNULL,
      SSL_CAMELLIA256,
      SSL_SHA256,

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 4cfd005ebe85be4b524cfedffb03af79645fabcf..e13bbe8981d55f2084752882bfa446cb22c2299b 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -1034,7 +1034,7 @@ static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
                 return 0;
             /* Level 3: forward secure ciphersuites only */
             if (level >= 3 && c->min_tls != TLS1_3_VERSION &&
-                               !(c->algorithm_mkey & (SSL_kEDH | SSL_kEECDH)))
+                               !(c->algorithm_mkey & (SSL_kDHE | SSL_kECDHE)))
                 return 0;
             break;
         }