From 450f4219aba798c61998b3c61c933a7736359ccb Mon Sep 17 00:00:00 2001 From: Hakase Date: Mon, 23 Apr 2018 12:09:25 +0900 Subject: [PATCH] Update openssl-equal-pre6.patch --- openssl-equal-pre6.patch | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/openssl-equal-pre6.patch b/openssl-equal-pre6.patch index 623d416..eb00e2f 100644 --- a/openssl-equal-pre6.patch +++ b/openssl-equal-pre6.patch @@ -71,9 +71,25 @@ index 5c6718f..d079e32 100644 # define SSL_R_UNINITIALIZED 276 # define SSL_R_UNKNOWN_ALERT_TYPE 246 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c -index 6193269..5a330d6 100644 +index 6193269..8f9262f 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c +@@ -37,12 +37,12 @@ static SSL_CIPHER tls13_ciphers[] = { + TLS1_3_RFC_AES_128_GCM_SHA256, + TLS1_3_RFC_AES_128_GCM_SHA256, + TLS1_3_CK_AES_128_GCM_SHA256, +- 0, 0, ++ SSL_kANY, ++ SSL_aANY, + SSL_AES128GCM, + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, +- SSL_kANY, +- SSL_aANY, ++ 0, 0, + SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256, + 128, @@ -4095,6 +4095,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len) return 1; } @@ -127,13 +143,13 @@ index 6193269..5a330d6 100644 /* SUITE-B takes precedence over server preference and ChaCha priortiy */ - if (tls1_suiteb(s)) { +- prio = srvr; +- allow = clnt; +- } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) { + if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) { prio = srvr; + in_group_flags = server_pref->in_group_flags; allow = clnt; -- } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) { -- prio = srvr; -- allow = clnt; -#ifndef OPENSSL_NO_CHACHA - /* If ChaCha20 is at the top of the client preference list, - and there are ChaCha20 ciphers in the server list, then