From 14d9358a0c0e232e95bf8f2bf7dcbcd7369e8dcb Mon Sep 17 00:00:00 2001
From: Jan Venekamp <1422460+jan2000@users.noreply.github.com>
Date: Sat, 19 Feb 2022 15:44:17 +0100
Subject: [PATCH] sectransp: mark a 3DES cipher as weak

- Change TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA strength to weak.

All other 3DES ciphers are already marked as weak.

Closes https://github.com/curl/curl/pull/8479
---
 lib/vtls/sectransp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
index 059756eb69..be41d4f4bb 100644
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@@ -603,7 +603,7 @@ const static struct st_cipher ciphertable[] = {
              CIPHER_WEAK_RC_ENCRYPTION),
   CIPHER_DEF(TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,                 /* 0xC003 */
              "ECDH-ECDSA-DES-CBC3-SHA",
-             CIPHER_STRONG_ENOUGH),
+             CIPHER_WEAK_3DES_ENCRYPTION),
   CIPHER_DEF(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,                  /* 0xC004 */
              "ECDH-ECDSA-AES128-SHA",
              CIPHER_STRONG_ENOUGH),
-- 
2.47.3