From 20b9af799809d8391b024fa8843c03278be0a93e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 26 Nov 2013 14:31:44 +0100 Subject: [PATCH] Fix min_version (TLS 1.0) for ECDHE-PSK suites --- library/ssl_ciphersuites.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index d4f8c7e52..89744a671 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -948,13 +948,13 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, #endif /* POLARSSL_SHA1_C */ @@ -986,7 +986,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, #endif /* POLARSSL_SHA1_C */ @@ -997,7 +997,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, #endif /* POLARSSL_SHA1_C */ @@ -1202,7 +1202,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, #endif /* POLARSSL_SHA1_C */