]> git.ipfire.org Git - thirdparty/curl.git/commitdiff
projects / thirdparty / curl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f36e32b)
sectransp: mark a 3DES cipher as weak
authorJan Venekamp <1422460+jan2000@users.noreply.github.com>
Sat, 19 Feb 2022 14:44:17 +0000 (15:44 +0100)
committerJay Satiro <raysatiro@yahoo.com>
Sun, 20 Feb 2022 21:13:31 +0000 (16:13 -0500)
- Change TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA strength to weak.

All other 3DES ciphers are already marked as weak.

Closes https://github.com/curl/curl/pull/8479

lib/vtls/sectransp.c patch | blob | blame | history

diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
index 059756eb69bd0ab1fd3135d84725fdc9d0880e6c..be41d4f4bbcb35933570276ad3b9d965e8b4ec75 100644 (file)
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@@ -603,7 +603,7 @@ const static struct st_cipher ciphertable[] = {
              CIPHER_WEAK_RC_ENCRYPTION),
   CIPHER_DEF(TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,                 /* 0xC003 */
              "ECDH-ECDSA-DES-CBC3-SHA",
-             CIPHER_STRONG_ENOUGH),
+             CIPHER_WEAK_3DES_ENCRYPTION),
   CIPHER_DEF(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,                  /* 0xC004 */
              "ECDH-ECDSA-AES128-SHA",
              CIPHER_STRONG_ENOUGH),
Mirror of https://github.com/curl/curl.git