minimum version was changed to TLS 1.0 for ciphersuites with SHA2
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 22 Jul 2014 11:03:38 +0000 (13:03 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 22 Jul 2014 11:03:38 +0000 (13:03 +0200)
These ciphersuites could not be used with SSL 3.0, which only defines
usage of MD5 or SHA1 MACs. Reported by Manuel Pegourie-Gonnard.

lib/algorithms/ciphersuites.c

index a5f94e7d63891c56ec67dd62e0d8b4e91fb5c09f..85be7b7da9a3fa6fa099bbd5295eda29b44c38c8 100644 (file)
@@ -318,7 +318,7 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
              GNUTLS_DTLS_VERSION_MIN),
        ENTRY(GNUTLS_RSA_NULL_SHA256,
              GNUTLS_CIPHER_NULL,
-             GNUTLS_KX_RSA, GNUTLS_MAC_SHA256, GNUTLS_SSL3,
+             GNUTLS_KX_RSA, GNUTLS_MAC_SHA256, GNUTLS_TLS1,
              GNUTLS_DTLS_VERSION_MIN),
 
        /* RSA */
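Review bot: TLS 1.0 may still be too low a floor for `GNUTLS_RSA_NULL_SHA256` in this hunk, because the suite comes from the TLS 1.2 specification (RFC 5246), unlike the PSK SHA-256/384 suites, which RFC 5487 allows on earlier TLS versions. If that reading holds, the entry would read `GNUTLS_KX_RSA, GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,` and the DTLS floor on the line after it would need the same review. The same question is worth checking for `GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA256` in the @@ -422 hunk. The `cs_algorithms` array starts and ends outside the hunk.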
@@ -422,7 +422,7 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
        ENTRY(GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA256,
              GNUTLS_CIPHER_CAMELLIA_256_CBC,
              GNUTLS_KX_DHE_DSS,
-             GNUTLS_MAC_SHA256, GNUTLS_SSL3,
+             GNUTLS_MAC_SHA256, GNUTLS_TLS1,
              GNUTLS_DTLS_VERSION_MIN),
 
        ENTRY(GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1,
@@ -684,11 +684,11 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
              GNUTLS_DTLS_VERSION_MIN),
        ENTRY(GNUTLS_ECDHE_PSK_NULL_SHA256,
              GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK,
-             GNUTLS_MAC_SHA256, GNUTLS_SSL3,
+             GNUTLS_MAC_SHA256, GNUTLS_TLS1,
              GNUTLS_DTLS_VERSION_MIN),
        ENTRY_PRF(GNUTLS_ECDHE_PSK_NULL_SHA384,
                  GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK,
-                 GNUTLS_MAC_SHA384, GNUTLS_SSL3,
+                 GNUTLS_MAC_SHA384, GNUTLS_TLS1,
                  GNUTLS_DTLS_VERSION_MIN, GNUTLS_MAC_SHA384),
        ENTRY(GNUTLS_ECDHE_PSK_CAMELLIA_128_CBC_SHA256,
              GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ECDHE_PSK,
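Review bot: The `ENTRY_PRF` line for `GNUTLS_ECDHE_PSK_NULL_SHA384` now pairs a TLS 1.0 floor with a trailing `GNUTLS_MAC_SHA384` argument, and nothing here says how the two interact. Assuming that argument selects the PRF (the macro is defined outside the hunk), a reader could conclude SHA-384 is the PRF on TLS 1.0/1.1 as well, where the protocol version fixes the PRF. A comment such as `/* PRF argument takes effect from TLS 1.2; earlier versions use the protocol's own PRF */` above the entry would make that explicit, provided the negotiation code behaves that way. The same applies to the `ENTRY_PRF` changes in the @@ -780, @@ -836 and @@ -879 hunks.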
@@ -754,7 +754,7 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
              GNUTLS_DTLS_VERSION_MIN),
        ENTRY(GNUTLS_PSK_NULL_SHA256,
              GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK,
-             GNUTLS_MAC_SHA256, GNUTLS_SSL3,
+             GNUTLS_MAC_SHA256, GNUTLS_TLS1,
              GNUTLS_DTLS_VERSION_MIN),
        ENTRY(GNUTLS_PSK_CAMELLIA_128_CBC_SHA256,
              GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_PSK,
@@ -780,7 +780,7 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
                  GNUTLS_DTLS_VERSION_MIN, GNUTLS_MAC_SHA384),
        ENTRY_PRF(GNUTLS_PSK_NULL_SHA384,
                  GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK,
-                 GNUTLS_MAC_SHA384, GNUTLS_SSL3,
+                 GNUTLS_MAC_SHA384, GNUTLS_TLS1,
                  GNUTLS_DTLS_VERSION_MIN, GNUTLS_MAC_SHA384),
 
        /* RSA-PSK */
@@ -824,7 +824,7 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
              GNUTLS_DTLS_VERSION_MIN),
        ENTRY(GNUTLS_RSA_PSK_NULL_SHA256,
              GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK,
-             GNUTLS_MAC_SHA256, GNUTLS_SSL3,
+             GNUTLS_MAC_SHA256, GNUTLS_TLS1,
              GNUTLS_DTLS_VERSION_MIN),
        ENTRY_PRF(GNUTLS_RSA_PSK_AES_256_GCM_SHA384,
                  GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_RSA_PSK,
@@ -836,7 +836,7 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
                  GNUTLS_DTLS_VERSION_MIN, GNUTLS_MAC_SHA384),
        ENTRY_PRF(GNUTLS_RSA_PSK_NULL_SHA384,
                  GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK,
-                 GNUTLS_MAC_SHA384, GNUTLS_SSL3,
+                 GNUTLS_MAC_SHA384, GNUTLS_TLS1,
                  GNUTLS_DTLS_VERSION_MIN, GNUTLS_MAC_SHA384),
        ENTRY(GNUTLS_RSA_PSK_CAMELLIA_128_CBC_SHA256,
              GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA_PSK,
@@ -879,11 +879,11 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
              GNUTLS_DTLS_VERSION_MIN),
        ENTRY(GNUTLS_DHE_PSK_NULL_SHA256,
              GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK,
-             GNUTLS_MAC_SHA256, GNUTLS_SSL3,
+             GNUTLS_MAC_SHA256, GNUTLS_TLS1,
              GNUTLS_DTLS_VERSION_MIN),
        ENTRY_PRF(GNUTLS_DHE_PSK_NULL_SHA384,
                  GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK,
-                 GNUTLS_MAC_SHA384, GNUTLS_SSL3,
+                 GNUTLS_MAC_SHA384, GNUTLS_TLS1,
                  GNUTLS_DTLS_VERSION_MIN, GNUTLS_MAC_SHA384),
        ENTRY_PRF(GNUTLS_DHE_PSK_AES_256_CBC_SHA384,
                  GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK,
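Review bot: The rule this commit applies, that a suite whose MAC is not MD5 or SHA1 must not have an SSL 3.0 floor, is still only implied by the individual entries, so a later addition can put `GNUTLS_SSL3` next to a SHA2 MAC again unnoticed. A comment at the head of `cs_algorithms` (outside this hunk), e.g. `/* Suites with a MAC other than MD5/SHA1 must not use GNUTLS_SSL3 as minimum version. */`, would record it. A self-test that walks the table and fails on such an entry would catch regressions. The hunks on this page show ten hand-edited entries and may not be the complete set.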