RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS.
PR: 189
This commit is contained in:
Richard Levitte
204
ssl/s3_lib.c
204
ssl/s3_lib.c
@@ -512,6 +512,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
#if 0
|
||||
/* Cipher 1E */
|
||||
{
|
||||
0,
|
||||
@@ -525,41 +526,14 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_KRB5
|
||||
/* The Kerberos ciphers
|
||||
** 20000107 VRS: And the first shall be last,
|
||||
** in hopes of avoiding the lynx ssl renegotiation problem.
|
||||
*/
|
||||
/* Cipher 21 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_DES_40_CBC_SHA,
|
||||
SSL3_CK_KRB5_DES_40_CBC_SHA,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3,
|
||||
SSL_EXPORT|SSL_EXP40,
|
||||
0,
|
||||
40,
|
||||
56,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 22 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_DES_40_CBC_MD5,
|
||||
SSL3_CK_KRB5_DES_40_CBC_MD5,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3,
|
||||
SSL_EXPORT|SSL_EXP40,
|
||||
0,
|
||||
40,
|
||||
56,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 23 VRS */
|
||||
/* Cipher 1E VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_DES_64_CBC_SHA,
|
||||
@@ -573,21 +547,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 24 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_DES_64_CBC_MD5,
|
||||
SSL3_CK_KRB5_DES_64_CBC_MD5,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3,
|
||||
SSL_NOT_EXP|SSL_LOW,
|
||||
0,
|
||||
56,
|
||||
56,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 25 VRS */
|
||||
/* Cipher 1F VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_DES_192_CBC3_SHA,
|
||||
@@ -601,7 +561,49 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 26 VRS */
|
||||
/* Cipher 20 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_RC4_128_SHA,
|
||||
SSL3_CK_KRB5_RC4_128_SHA,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_SHA1 |SSL_SSLV3,
|
||||
SSL_NOT_EXP|SSL_MEDIUM,
|
||||
0,
|
||||
128,
|
||||
128,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 21 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
|
||||
SSL3_CK_KRB5_IDEA_128_CBC_SHA,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_IDEA|SSL_SHA1 |SSL_SSLV3,
|
||||
SSL_NOT_EXP|SSL_MEDIUM,
|
||||
0,
|
||||
128,
|
||||
128,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 22 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_DES_64_CBC_MD5,
|
||||
SSL3_CK_KRB5_DES_64_CBC_MD5,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3,
|
||||
SSL_NOT_EXP|SSL_LOW,
|
||||
0,
|
||||
56,
|
||||
56,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 23 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_DES_192_CBC3_MD5,
|
||||
@@ -614,6 +616,118 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 24 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_RC4_128_MD5,
|
||||
SSL3_CK_KRB5_RC4_128_MD5,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_MD5 |SSL_SSLV3,
|
||||
SSL_NOT_EXP|SSL_MEDIUM,
|
||||
0,
|
||||
128,
|
||||
128,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 25 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
|
||||
SSL3_CK_KRB5_IDEA_128_CBC_MD5,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_IDEA|SSL_MD5 |SSL_SSLV3,
|
||||
SSL_NOT_EXP|SSL_MEDIUM,
|
||||
0,
|
||||
128,
|
||||
128,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 26 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_DES_40_CBC_SHA,
|
||||
SSL3_CK_KRB5_DES_40_CBC_SHA,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3,
|
||||
SSL_EXPORT|SSL_EXP40,
|
||||
0,
|
||||
40,
|
||||
56,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 27 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_RC2_40_CBC_SHA,
|
||||
SSL3_CK_KRB5_RC2_40_CBC_SHA,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_RC2|SSL_SHA1 |SSL_SSLV3,
|
||||
SSL_EXPORT|SSL_EXP40,
|
||||
0,
|
||||
40,
|
||||
128,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 28 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_RC4_40_CBC_SHA,
|
||||
SSL3_CK_KRB5_RC4_40_CBC_SHA,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_SHA1 |SSL_SSLV3,
|
||||
SSL_EXPORT|SSL_EXP40,
|
||||
0,
|
||||
128,
|
||||
128,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 29 VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_DES_40_CBC_MD5,
|
||||
SSL3_CK_KRB5_DES_40_CBC_MD5,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_MD5 |SSL_SSLV3,
|
||||
SSL_EXPORT|SSL_EXP40,
|
||||
0,
|
||||
40,
|
||||
56,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 2A VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_RC2_40_CBC_MD5,
|
||||
SSL3_CK_KRB5_RC2_40_CBC_MD5,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_RC2|SSL_MD5 |SSL_SSLV3,
|
||||
SSL_EXPORT|SSL_EXP40,
|
||||
0,
|
||||
40,
|
||||
128,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
|
||||
/* Cipher 2B VRS */
|
||||
{
|
||||
1,
|
||||
SSL3_TXT_KRB5_RC4_40_CBC_MD5,
|
||||
SSL3_CK_KRB5_RC4_40_CBC_MD5,
|
||||
SSL_kKRB5|SSL_aKRB5| SSL_RC4|SSL_MD5 |SSL_SSLV3,
|
||||
SSL_EXPORT|SSL_EXP40,
|
||||
0,
|
||||
128,
|
||||
128,
|
||||
SSL_ALL_CIPHERS,
|
||||
SSL_ALL_STRENGTHS,
|
||||
},
|
||||
#endif /* OPENSSL_NO_KRB5 */
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user