- Moved ciphersuite naming scheme to IANA reserved names

commit: 645ce3a2b4e21a1f4bead300b3ebe18d16b0ea68 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Wed Oct 31 12:32:41 2012 +0000
committer: Paul Bakker <p.j.bakker@polarssl.org> Wed Oct 31 12:32:41 2012 +0000
tree: c64167a30082b6668e71dc1eee7b76c368f0db76
parent: bb0139c9240154036bcccaf80b1cebaa3ee2f1c8 [diff] [blame]
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 584f868..0e27677 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c

@@ -764,18 +764,18 @@
 
     SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) );
 
-    if( ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_DES_SHA &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_DES_168_SHA &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_AES_128_SHA &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_AES_256_SHA &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_AES_128_SHA256 &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_AES_256_SHA256 &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA256 &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA256 &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_AES_128_GCM_SHA256 &&
-        ssl->session_negotiate->ciphersuite != SSL_EDH_RSA_AES_256_GCM_SHA384 )
+    if( ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_DES_CBC_SHA &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_128_CBC_SHA &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_256_CBC_SHA &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 &&
+        ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 )
     {
         SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
         ssl->state++;
@@ -1041,18 +1041,18 @@
         return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
     }
 
-    if( ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_DES_SHA ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_DES_168_SHA ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_AES_256_SHA ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_AES_128_SHA256 ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_AES_256_SHA256 ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA256 ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA256 ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_AES_128_GCM_SHA256 ||
-        ssl->session_negotiate->ciphersuite == SSL_EDH_RSA_AES_256_GCM_SHA384 )
+    if( ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_DES_CBC_SHA ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 ||
+        ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 )
     {
 #if !defined(POLARSSL_DHM_C)
         SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) );
commit	645ce3a2b4e21a1f4bead300b3ebe18d16b0ea68	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Wed Oct 31 12:32:41 2012 +0000
committer	Paul Bakker <p.j.bakker@polarssl.org>	Wed Oct 31 12:32:41 2012 +0000
tree	c64167a30082b6668e71dc1eee7b76c368f0db76
parent	bb0139c9240154036bcccaf80b1cebaa3ee2f1c8 [diff] [blame]