X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ustream-mbedtls.c;h=85bbb1c7c9ea18c04ba9bfcbba1e919a72e13c68;hb=3b06c65965a20c1893392e95c163a83e7ffa407a;hp=b7d7629be3cdeba68db461bde3d69dc2d9c217d8;hpb=738e8d2489fc64f782affd1292388c66f6d69e82;p=oweals%2Fustream-ssl.git

diff --git a/ustream-mbedtls.c b/ustream-mbedtls.c
index b7d7629..85bbb1c 100644
--- a/ustream-mbedtls.c
+++ b/ustream-mbedtls.c
@@ -86,18 +86,25 @@ static int _urandom(void *ctx, unsigned char *out, size_t len)
 	return 0;
 }
 
-#define AES_CIPHERS(v)					\
+#define AES_GCM_CIPHERS(v)				\
 	MBEDTLS_TLS_##v##_WITH_AES_128_GCM_SHA256,	\
-	MBEDTLS_TLS_##v##_WITH_AES_256_GCM_SHA384,	\
+	MBEDTLS_TLS_##v##_WITH_AES_256_GCM_SHA384
+
+#define AES_CBC_CIPHERS(v)				\
 	MBEDTLS_TLS_##v##_WITH_AES_128_CBC_SHA,		\
 	MBEDTLS_TLS_##v##_WITH_AES_256_CBC_SHA
 
+#define AES_CIPHERS(v)					\
+	AES_GCM_CIPHERS(v),				\
+	AES_CBC_CIPHERS(v)
+
 static const int default_ciphersuites_server[] =
 {
 	MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
-	AES_CIPHERS(ECDHE_ECDSA),
+	AES_GCM_CIPHERS(ECDHE_ECDSA),
 	MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-	AES_CIPHERS(ECDHE_RSA),
+	AES_GCM_CIPHERS(ECDHE_RSA),
+	AES_CBC_CIPHERS(ECDHE_RSA),
 	AES_CIPHERS(RSA),
 	0
 };
@@ -105,11 +112,14 @@ static const int default_ciphersuites_server[] =
 static const int default_ciphersuites_client[] =
 {
 	MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
-	AES_CIPHERS(ECDHE_ECDSA),
+	AES_GCM_CIPHERS(ECDHE_ECDSA),
 	MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-	AES_CIPHERS(ECDHE_RSA),
+	AES_GCM_CIPHERS(ECDHE_RSA),
 	MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-	AES_CIPHERS(DHE_RSA),
+	AES_GCM_CIPHERS(DHE_RSA),
+	AES_CBC_CIPHERS(ECDHE_ECDSA),
+	AES_CBC_CIPHERS(ECDHE_RSA),
+	AES_CBC_CIPHERS(DHE_RSA),
 	MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
 	AES_CIPHERS(RSA),
 	MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,