Don't mark the eNULL ciphers as non-default.

They're not part of ALL, so they're not part of COMPLEMENTOFDEFAULT Reviewed-by: N Rich Salz <rsalz@openssl.org> MR: #2202

Don't mark the eNULL ciphers as non-default.
They're not part of ALL, so they're not part of COMPLEMENTOFDEFAULT Reviewed-by: N Rich Salz <rsalz@openssl.org> MR: #2202
1510b5f7 · Kurt Roeckx · 5b7af0dd · 1510b5f7 · 1510b5f7
隐藏空白更改
内联并排

Showing with 20 addition and 20 deletion

ssl/s3_lib.c ssl/s3_lib.c +19 -19

ssl/ssl_ciph.c ssl/ssl_ciph.c +1 -1

未找到文件。
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -172,7 +172,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_MD5,
     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE,
+     SSL_STRONG_NONE,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -188,7 +188,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA1,
     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -338,7 +338,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA1,
     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -353,7 +353,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA1,
     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -368,7 +368,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA1,
     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -512,7 +512,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA256,
     SSL_TLSV1_2,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -740,7 +740,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_GOST94,
     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE,
+     SSL_STRONG_NONE,
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
     0,
     0
@@ -1354,7 +1354,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA256,
     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -1370,7 +1370,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA384,
     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     0,
     0,
@@ -1418,7 +1418,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA256,
     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -1434,7 +1434,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA384,
     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     0,
     0,
@@ -1482,7 +1482,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA256,
     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -1498,7 +1498,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA384,
     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     0,
     0,
@@ -1649,7 +1649,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA1,
     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -1731,7 +1731,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA1,
     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -1813,7 +1813,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA1,
     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -2275,7 +2275,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA1,
     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -2291,7 +2291,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA256,
     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
@@ -2307,7 +2307,7 @@ static const SSL_CIPHER ssl3_ciphers[] = {
     SSL_eNULL,
     SSL_SHA384,
     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     0,
     0,

--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -296,7 +296,7 @@ static const SSL_CIPHER cipher_aliases[] = {
     * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
     * ALL!)
     */
-    {0, SSL_TXT_CMPDEF, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0},
+    {0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0},

    /*
     * key exchange aliases (some of those using only a single bit here