SRP ciphersuite correction.

SRP ciphersuites do not have no authentication. They have authentication based on SRP. Add new SRP authentication flag and cipher string.

SRP ciphersuite correction.
SRP ciphersuites do not have no authentication. They have authentication based on SRP. Add new SRP authentication flag and cipher string.
447280ca · Dr. Stephen Henson · 1bea384f · 447280ca · 447280ca · 447280ca
隐藏空白更改
内联并排

Showing with 9 addition and 3 deletion

ssl/s3_lib.c ssl/s3_lib.c +3 -3

ssl/ssl.h ssl/ssl.h +1 -0

ssl/ssl_ciph.c ssl/ssl_ciph.c +4 -0

ssl/ssl_locl.h ssl/ssl_locl.h +1 -0

未找到文件。
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2437,7 +2437,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
 	TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
 	SSL_kSRP,
-	SSL_aNULL,
+	SSL_aSRP,
 	SSL_3DES,
 	SSL_SHA1,
 	SSL_TLSV1,
@@ -2485,7 +2485,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
 	TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
 	SSL_kSRP,
-	SSL_aNULL,
+	SSL_aSRP,
 	SSL_AES128,
 	SSL_SHA1,
 	SSL_TLSV1,
@@ -2533,7 +2533,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 	TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
 	TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
 	SSL_kSRP,
-	SSL_aNULL,
+	SSL_aSRP,
 	SSL_AES256,
 	SSL_SHA1,
 	SSL_TLSV1,

--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -266,6 +266,7 @@ extern "C" {
 #define SSL_TXT_aGOST94	"aGOST94"
 #define SSL_TXT_aGOST01 "aGOST01"
 #define SSL_TXT_aGOST  "aGOST"
+#define SSL_TXT_aSRP            "aSRP"

 #define	SSL_TXT_DSS		"DSS"
 #define SSL_TXT_DH		"DH"

--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -272,6 +272,7 @@ static const SSL_CIPHER cipher_aliases[]={
 	{0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0},
 	{0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0},
 	{0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0},
+	{0,SSL_TXT_aSRP,0,    0,SSL_aSRP,  0,0,0,0,0,0,0},

 	/* aliases combining key exchange and server authentication */
 	{0,SSL_TXT_EDH,0,     SSL_kDHE,~SSL_aNULL,0,0,0,0,0,0,0},
@@ -1739,6 +1740,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
 	case SSL_aPSK:
 		au="PSK";
 		break;
+	case SSL_aSRP:
+		au="SRP";
+		break;
 	default:
 		au="unknown";
 		break;

--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -313,6 +313,7 @@
 #define SSL_aPSK                0x00000080L /* PSK auth */
 #define SSL_aGOST94				0x00000100L /* GOST R 34.10-94 signature auth */
 #define SSL_aGOST01 			0x00000200L /* GOST R 34.10-2001 signature auth */
+#define SSL_aSRP 		0x00000400L /* SRP auth */


 /* Bits for algorithm_enc (symmetric encryption) */