From d7a474264b4bc9c8ae87c897fe4c5803f97b5f8d Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sun, 7 Feb 2016 20:20:01 +0100 Subject: [PATCH] IDEA is not supported in TLS 1.2 This currently seems to be the only cipher we still support that should get disabled. Reviewed-by: Viktor Dukhovni MR: #1595 --- ssl/s3_lib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 093ff09e8f..c779ea76c3 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -242,8 +242,8 @@ static const SSL_CIPHER ssl3_ciphers[] = { SSL_aRSA, SSL_IDEA, SSL_SHA1, - SSL3_VERSION, TLS1_2_VERSION, - DTLS1_VERSION, DTLS1_2_VERSION, + SSL3_VERSION, TLS1_1_VERSION, + DTLS1_VERSION, DTLS1_VERSION, SSL_NOT_DEFAULT | SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128, -- 2.25.1