Allow ECDHE and DHE as forward-compatible aliases for EECDH and EDH

see RT #3203 Future versions of OpenSSL use the canonical terms "ECDHE" and "DHE" as configuration strings and compilation constants. This patch introduces aliases so that the stable 1.0.2 branch can be forward-compatible with code and configuration scripts that use the normalized terms, while avoiding changing any library output for stable users. Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org>
2014-05-12 14:17:22 -04:00
parent 1e10aee2a7
commit 0ec6898c67
11 changed files with 66 additions and 15 deletions
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -155,11 +155,17 @@ extern "C" {
 #define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 	0x03000010

 #define SSL3_CK_EDH_DSS_DES_40_CBC_SHA		0x03000011
+#define SSL3_CK_DHE_DSS_DES_40_CBC_SHA          SSL3_CK_EDH_DSS_DES_40_CBC_SHA
 #define SSL3_CK_EDH_DSS_DES_64_CBC_SHA		0x03000012
+#define SSL3_CK_DHE_DSS_DES_64_CBC_SHA		SSL3_CK_EDH_DSS_DES_64_CBC_SHA
 #define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA	0x03000013
+#define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA
 #define SSL3_CK_EDH_RSA_DES_40_CBC_SHA		0x03000014
+#define SSL3_CK_DHE_RSA_DES_40_CBC_SHA		SSL3_CK_EDH_RSA_DES_40_CBC_SHA
 #define SSL3_CK_EDH_RSA_DES_64_CBC_SHA		0x03000015
+#define SSL3_CK_DHE_RSA_DES_64_CBC_SHA		SSL3_CK_EDH_RSA_DES_64_CBC_SHA
 #define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA	0x03000016
+#define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA

 #define SSL3_CK_ADH_RC4_40_MD5			0x03000017
 #define SSL3_CK_ADH_RC4_128_MD5			0x03000018
@@ -213,6 +219,17 @@ extern "C" {
 #define SSL3_TXT_DH_RSA_DES_64_CBC_SHA		"DH-RSA-DES-CBC-SHA"
 #define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA 	"DH-RSA-DES-CBC3-SHA"

+#define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA		"EXP-DHE-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA		"DHE-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA	"DHE-DSS-DES-CBC3-SHA"
+#define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA		"EXP-DHE-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA		"DHE-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA	"DHE-RSA-DES-CBC3-SHA"
+
+/* This next block of six "EDH" labels is for backward compatibility
+   with older versions of OpenSSL.  New code should use the six "DHE"
+   labels above instead:
+ */
 #define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA		"EXP-EDH-DSS-DES-CBC-SHA"
 #define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA		"EDH-DSS-DES-CBC-SHA"
 #define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA	"EDH-DSS-DES-CBC3-SHA"