|
 |
c6cc0b |
diff -up nss/lib/ssl/ssl3con.c.reorder-cipher-suites nss/lib/ssl/ssl3con.c
|
|
|
e4d72e |
--- nss/lib/ssl/ssl3con.c.reorder-cipher-suites 2019-03-16 01:25:08.000000000 +0100
|
|
|
e4d72e |
+++ nss/lib/ssl/ssl3con.c 2019-03-21 14:22:01.578936057 +0100
|
|
|
e4d72e |
@@ -90,49 +90,44 @@ static ssl3CipherSuiteCfg cipherSuites[s
|
|
|
e4d72e |
{ TLS_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE },
|
|
|
e4d72e |
{ TLS_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE },
|
|
|
e4d72e |
|
|
|
5f1c2b |
- { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
e4d72e |
{ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
e4d72e |
- { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is out of order to work around
|
|
|
5f1c2b |
- * bug 946147.
|
|
|
5f1c2b |
- */
|
|
|
5f1c2b |
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
+ { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
e4d72e |
+ { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
+ { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
-
|
|
|
e4d72e |
+ { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
+ { TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
+ { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
+ { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
+ { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
+ { TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
+ { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
+ { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,SSL_ALLOWED,PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
e4d72e |
- { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
- { TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
- { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
- { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
- { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
c6cc0b |
- { TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
- { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
- { TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
-
|
|
|
c6cc0b |
{ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
{ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
e4d72e |
@@ -141,27 +136,21 @@ static ssl3CipherSuiteCfg cipherSuites[s
|
|
|
5f1c2b |
{ TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
-
|
|
|
5f1c2b |
- /* RSA */
|
|
|
5f1c2b |
- { TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
e4d72e |
{ TLS_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
- { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_RSA_WITH_AES_256_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_RSA_WITH_AES_256_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
+ { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_RSA_WITH_SEED_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_RSA_WITH_RC4_128_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_RSA_WITH_RC4_128_MD5, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
|
|
5f1c2b |
-
|
|
|
5f1c2b |
- /* 56-bit DES "domestic" cipher suites */
|
|
|
5f1c2b |
{ TLS_DHE_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_DHE_DSS_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_RSA_WITH_DES_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
-
|
|
|
5f1c2b |
- /* ciphersuites with no encryption */
|
|
|
5f1c2b |
{ TLS_ECDHE_ECDSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
5f1c2b |
{ TLS_ECDH_RSA_WITH_NULL_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
|
|
c6cc0b |
diff -up nss/lib/ssl/sslenum.c.reorder-cipher-suites nss/lib/ssl/sslenum.c
|
|
|
e4d72e |
--- nss/lib/ssl/sslenum.c.reorder-cipher-suites 2019-03-16 01:25:08.000000000 +0100
|
|
|
e4d72e |
+++ nss/lib/ssl/sslenum.c 2019-03-21 14:22:16.479624167 +0100
|
|
|
e4d72e |
@@ -59,49 +59,44 @@ const PRUint16 SSL_ImplementedCiphers[]
|
|
|
e4d72e |
TLS_CHACHA20_POLY1305_SHA256,
|
|
|
e4d72e |
TLS_AES_256_GCM_SHA384,
|
|
|
e4d72e |
|
|
|
5f1c2b |
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
|
|
5f1c2b |
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
5f1c2b |
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
5f1c2b |
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
5f1c2b |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
|
|
5f1c2b |
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
5f1c2b |
- /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before
|
|
|
5f1c2b |
- * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147.
|
|
|
5f1c2b |
- */
|
|
|
5f1c2b |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
|
|
5f1c2b |
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
|
|
|
5f1c2b |
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
|
|
c6cc0b |
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
5f1c2b |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
|
|
5f1c2b |
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
|
|
5f1c2b |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
|
|
5f1c2b |
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
|
|
5f1c2b |
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
5f1c2b |
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
|
|
|
5f1c2b |
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
5f1c2b |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
|
|
5f1c2b |
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
|
|
|
5f1c2b |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
|
|
5f1c2b |
- TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
5f1c2b |
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
c6cc0b |
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
5f1c2b |
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
|
|
5f1c2b |
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
|
|
5f1c2b |
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
5f1c2b |
- TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
|
|
|
5f1c2b |
TLS_ECDHE_RSA_WITH_RC4_128_SHA,
|
|
|
5f1c2b |
-
|
|
|
c6cc0b |
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
c6cc0b |
+ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
|
|
|
c6cc0b |
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
|
|
c6cc0b |
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
|
|
|
c6cc0b |
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
|
|
c6cc0b |
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
|
|
|
c6cc0b |
+ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
|
|
c6cc0b |
+ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
|
|
|
c6cc0b |
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
c6cc0b |
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
c6cc0b |
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
|
|
|
c6cc0b |
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
c6cc0b |
- TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
|
|
|
c6cc0b |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
|
|
c6cc0b |
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
|
|
|
c6cc0b |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
|
|
c6cc0b |
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
|
|
|
c6cc0b |
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
|
|
c6cc0b |
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
|
|
|
c6cc0b |
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
|
|
c6cc0b |
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
|
|
|
c6cc0b |
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
|
|
c6cc0b |
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
|
|
|
c6cc0b |
- TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
|
|
c6cc0b |
- TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
|
|
|
5f1c2b |
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
5f1c2b |
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
|
|
|
5f1c2b |
TLS_DHE_DSS_WITH_RC4_128_SHA,
|
|
|
5f1c2b |
-
|
|
|
c6cc0b |
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
|
|
|
c6cc0b |
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
|
|
|
5f1c2b |
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
|
|
|
e4d72e |
@@ -110,26 +105,21 @@ const PRUint16 SSL_ImplementedCiphers[]
|
|
|
5f1c2b |
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
5f1c2b |
TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
|
|
|
5f1c2b |
TLS_ECDH_RSA_WITH_RC4_128_SHA,
|
|
|
5f1c2b |
-
|
|
|
5f1c2b |
- TLS_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
5f1c2b |
TLS_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
5f1c2b |
- TLS_RSA_WITH_AES_128_CBC_SHA,
|
|
|
5f1c2b |
- TLS_RSA_WITH_AES_128_CBC_SHA256,
|
|
|
5f1c2b |
- TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
|
|
5f1c2b |
TLS_RSA_WITH_AES_256_CBC_SHA,
|
|
|
5f1c2b |
TLS_RSA_WITH_AES_256_CBC_SHA256,
|
|
|
5f1c2b |
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
|
|
5f1c2b |
+ TLS_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
5f1c2b |
+ TLS_RSA_WITH_AES_128_CBC_SHA,
|
|
|
5f1c2b |
+ TLS_RSA_WITH_AES_128_CBC_SHA256,
|
|
|
5f1c2b |
+ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
|
|
5f1c2b |
TLS_RSA_WITH_SEED_CBC_SHA,
|
|
|
5f1c2b |
TLS_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
5f1c2b |
TLS_RSA_WITH_RC4_128_SHA,
|
|
|
5f1c2b |
TLS_RSA_WITH_RC4_128_MD5,
|
|
|
5f1c2b |
-
|
|
|
5f1c2b |
- /* 56-bit DES "domestic" cipher suites */
|
|
|
5f1c2b |
TLS_DHE_RSA_WITH_DES_CBC_SHA,
|
|
|
5f1c2b |
TLS_DHE_DSS_WITH_DES_CBC_SHA,
|
|
|
5f1c2b |
TLS_RSA_WITH_DES_CBC_SHA,
|
|
|
5f1c2b |
-
|
|
|
5f1c2b |
- /* ciphersuites with no encryption */
|
|
|
5f1c2b |
TLS_ECDHE_ECDSA_WITH_NULL_SHA,
|
|
|
5f1c2b |
TLS_ECDHE_RSA_WITH_NULL_SHA,
|
|
|
5f1c2b |
TLS_ECDH_RSA_WITH_NULL_SHA,
|