projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 329a5f3)
Degrade 3DES to MEDIUM in SSL2
authorVitezslav Cizek <vcizek@suse.com>
Mon, 10 Oct 2016 14:41:57 +0000 (16:41 +0200)
committerRich Salz <rsalz@openssl.org>
Fri, 14 Oct 2016 15:32:14 +0000 (11:32 -0400)
The SWEET32 fix moved 3DES from HIGH to MEDIUM, but omitted SSL2.

CLA: trivial
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1683)

(cherry picked from commit 6d69dc56de8f0535be9ccabea7a8d4e61c04c2f1)

ssl/s2_lib.c patch | blob | history

diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index 7bcb81a11e2c24ed796103be34acbb7f0a3f1e29..0322dc813614cb460ea9fdf86c76bca370e7b8c0 100644 (file)
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -254,7 +254,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
      SSL_3DES,
      SSL_MD5,
      SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
+     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
      0,
      112,
      168,
Unnamed repository; edit this file 'description' to name the repository.