Revise supported ciphersuites
[oweals/openwrt-ustream-ssl.git] / ustream-mbedtls.c
index b7d7629be3cdeba68db461bde3d69dc2d9c217d8..85bbb1c7c9ea18c04ba9bfcbba1e919a72e13c68 100644 (file)
@@ -86,18 +86,25 @@ static int _urandom(void *ctx, unsigned char *out, size_t len)
        return 0;
 }
 
-#define AES_CIPHERS(v)                                 \
+#define AES_GCM_CIPHERS(v)                             \
        MBEDTLS_TLS_##v##_WITH_AES_128_GCM_SHA256,      \
-       MBEDTLS_TLS_##v##_WITH_AES_256_GCM_SHA384,      \
+       MBEDTLS_TLS_##v##_WITH_AES_256_GCM_SHA384
+
+#define AES_CBC_CIPHERS(v)                             \
        MBEDTLS_TLS_##v##_WITH_AES_128_CBC_SHA,         \
        MBEDTLS_TLS_##v##_WITH_AES_256_CBC_SHA
 
+#define AES_CIPHERS(v)                                 \
+       AES_GCM_CIPHERS(v),                             \
+       AES_CBC_CIPHERS(v)
+
 static const int default_ciphersuites_server[] =
 {
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
-       AES_CIPHERS(ECDHE_ECDSA),
+       AES_GCM_CIPHERS(ECDHE_ECDSA),
        MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-       AES_CIPHERS(ECDHE_RSA),
+       AES_GCM_CIPHERS(ECDHE_RSA),
+       AES_CBC_CIPHERS(ECDHE_RSA),
        AES_CIPHERS(RSA),
        0
 };
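Review bot: The server list now drops the ECDHE_ECDSA CBC suites entirely, yet it keeps `AES_CBC_CIPHERS(ECDHE_RSA)` and the full `AES_CIPHERS(RSA)` set, and nothing above `default_ciphersuites_server[]` records why. If the asymmetry is deliberate, a comment above the array would prevent a later edit from "restoring" the missing entries, for example `/* AEAD suites first; CBC retained only as a legacy fallback for RSA certificates */` (wording for the author to confirm). The static-RSA entries at the tail provide no forward secrecy and still include CBC-SHA suites. It would help to state whether they are retained for known legacy clients or can be removed from the server default.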
@@ -105,11 +112,14 @@ static const int default_ciphersuites_server[] =
 static const int default_ciphersuites_client[] =
 {
        MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
-       AES_CIPHERS(ECDHE_ECDSA),
+       AES_GCM_CIPHERS(ECDHE_ECDSA),
        MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-       AES_CIPHERS(ECDHE_RSA),
+       AES_GCM_CIPHERS(ECDHE_RSA),
        MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-       AES_CIPHERS(DHE_RSA),
+       AES_GCM_CIPHERS(DHE_RSA),
+       AES_CBC_CIPHERS(ECDHE_ECDSA),
+       AES_CBC_CIPHERS(ECDHE_RSA),
+       AES_CBC_CIPHERS(DHE_RSA),
        MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
        AES_CIPHERS(RSA),
        MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
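Review bot: `MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA` still sits above `AES_CIPHERS(RSA)` in the client list, so a 64-bit-block cipher is still offered ahead of RSA AES-GCM. Both 3DES suites also remain in the offer. The change already moves the AES-CBC suites below every ECDHE/DHE AEAD suite, so the 3DES entries should at least move to the very end of the list, or be dropped if no supported peer needs them. A short comment before the first CBC line, such as `/* legacy fallbacks below, weakest last */`, would document the intended ordering. The array continues past the end of this hunk, so the tail of the list is not visible here.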