From 76e2025727223f9f2046f28d06b04368b76d0ae3 Mon Sep 17 00:00:00 2001
From: Hakase
Date: Mon, 4 Jun 2018 20:41:10 +0900
Subject: [PATCH] Weak 3DES cipher is not used in TLSv1.1 or later.
---
 openssl-equal-pre8.patch | 35 ++++++++++++++++++++++++++++----
 openssl-equal-pre8_ciphers.patch | 35 ++++++++++++++++++++++++++++----
 2 files changed, 62 insertions(+), 8 deletions(-)
diff --git a/openssl-equal-pre8.patch b/openssl-equal-pre8.patch
index 2da97bc..28683a2 100644
--- a/openssl-equal-pre8.patch
+++ b/openssl-equal-pre8.patch
@@ -103,9 +103,36 @@ index 8822ca25c3..63ecafe373 100644
 (unsigned int)rec->length) <= 0
 || EVP_CipherFinal_ex(ctx, rec->data + lenu, &lenf) <= 0
 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
-index 354769b0c1..f883175359 100644
+index 354769b0c1..ef48c9b312 100644
 --- a/ssl/s3_lib.c
 +++ b/ssl/s3_lib.c
+@@ -167,7 +167,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+- SSL3_VERSION, TLS1_2_VERSION,
++ SSL3_VERSION, TLS1_VERSION,
+ DTLS1_BAD_VER, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+@@ -232,7 +232,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+- SSL3_VERSION, TLS1_2_VERSION,
++ SSL3_VERSION, TLS1_VERSION,
+ DTLS1_BAD_VER, DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+@@ -296,7 +296,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+- SSL3_VERSION, TLS1_2_VERSION,
++ SSL3_VERSION, TLS1_VERSION,
+ DTLS1_BAD_VER, DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
 @@ -4095,6 +4095,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
 return 1;
 }
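Review bot: The subject line covers only 3DES, but the added `@@ -232,7` and `@@ -296,7` inner hunks apply the same `SSL3_VERSION, TLS1_VERSION,` cap to the `SSL_AES128` and `SSL_AES256` SHA1 entries, so those suites also stop being offered above TLS 1.0. If that is intended, the commit message should say so and why; otherwise only the `SSL_3DES` entry should change. All three entries keep `DTLS1_BAD_VER, DTLS1_2_VERSION,`, so the cap appears to apply to TLS only and the 3DES suite would presumably still be selectable over DTLS 1.2. Only one `SSL_3DES` entry of `ssl3_ciphers[]` is visible here, so any other 3DES suites in the table, which lies outside the hunk, would need the same cap to match the subject. The same block is added in the `@@ -132,6 +132,33 @@` hunk of openssl-equal-pre8_ciphers.patch, and the point applies there too.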
@@ -160,13 +187,13 @@ index 354769b0c1..f883175359 100644
 /* SUITE-B takes precedence over server preference and ChaCha priortiy */
 - if (tls1_suiteb(s)) {
-- prio = srvr;
-- allow = clnt;
-- } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
 + if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
 prio = srvr;
 + in_group_flags = server_pref->in_group_flags;
 allow = clnt;
+- } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
+- prio = srvr;
+- allow = clnt;
 -#ifndef OPENSSL_NO_CHACHA
 - /* If ChaCha20 is at the top of the client preference list,
 - and there are ChaCha20 ciphers in the server list, then
diff --git a/openssl-equal-pre8_ciphers.patch b/openssl-equal-pre8_ciphers.patch
index 342b25e..4763c8b 100644
--- a/openssl-equal-pre8_ciphers.patch
+++ b/openssl-equal-pre8_ciphers.patch
@@ -82,7 +82,7 @@ index 8822ca25c3..63ecafe373 100644
 (unsigned int)rec->length) <= 0
 || EVP_CipherFinal_ex(ctx, rec->data + lenu, &lenf) <= 0
 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
-index 354769b0c1..f5e5beba3c 100644
+index 354769b0c1..f90634d600 100644
 --- a/ssl/s3_lib.c
 +++ b/ssl/s3_lib.c
 @@ -31,7 +31,23 @@ const unsigned char tls12downgrade[] = {
@@ -132,6 +132,33 @@ index 354769b0c1..f5e5beba3c 100644
 {
 1,
 SSL3_TXT_RSA_NULL_MD5,
+@@ -167,7 +171,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+- SSL3_VERSION, TLS1_2_VERSION,
++ SSL3_VERSION, TLS1_VERSION,
+ DTLS1_BAD_VER, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+@@ -232,7 +236,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+- SSL3_VERSION, TLS1_2_VERSION,
++ SSL3_VERSION, TLS1_VERSION,
+ DTLS1_BAD_VER, DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+@@ -296,7 +300,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+- SSL3_VERSION, TLS1_2_VERSION,
++ SSL3_VERSION, TLS1_VERSION,
+ DTLS1_BAD_VER, DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
 @@ -4095,6 +4099,17 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
 return 1;
 }
@@ -186,13 +213,13 @@ index 354769b0c1..f5e5beba3c 100644
 /* SUITE-B takes precedence over server preference and ChaCha priortiy */
 - if (tls1_suiteb(s)) {
-- prio = srvr;
-- allow = clnt;
-- } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
 + if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
 prio = srvr;
 + in_group_flags = server_pref->in_group_flags;
 allow = clnt;
+- } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
+- prio = srvr;
+- allow = clnt;
 -#ifndef OPENSSL_NO_CHACHA
 - /* If ChaCha20 is at the top of the client preference list,
 - and there are ChaCha20 ciphers in the server list, then