Update MozNSS cipher attributes definitions Author: Matus Honek PreviousAuthor: Jan Vcelak diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c --- a/libraries/libldap/tls_m.c +++ b/libraries/libldap/tls_m.c @@ -210,27 +210,44 @@ typedef struct { int num; /* The cipher id */ int attr; /* cipher attributes: algorithms, etc */ int version; /* protocol version valid for this cipher */ - int bits; /* bits of strength */ - int alg_bits; /* bits of the algorithm */ int strength; /* LOW, MEDIUM, HIGH */ int enabled; /* Enabled by default? */ } cipher_properties; /* cipher attributes */ -#define SSL_kRSA 0x00000001L -#define SSL_aRSA 0x00000002L -#define SSL_aDSS 0x00000004L -#define SSL_DSS SSL_aDSS -#define SSL_eNULL 0x00000008L -#define SSL_DES 0x00000010L -#define SSL_3DES 0x00000020L -#define SSL_RC4 0x00000040L -#define SSL_RC2 0x00000080L -#define SSL_AES 0x00000100L -#define SSL_MD5 0x00000200L -#define SSL_SHA1 0x00000400L -#define SSL_SHA SSL_SHA1 -#define SSL_RSA (SSL_kRSA|SSL_aRSA) +#define SSL_kRSA 0x00000001L +#define SSL_aRSA 0x00000002L +#define SSL_aDSA 0x00000004L +#define SSL_DSA SSL_aDSA +#define SSL_eNULL 0x00000008L +#define SSL_DES 0x00000010L +#define SSL_3DES 0x00000020L +#define SSL_RC4 0x00000040L +#define SSL_RC2 0x00000080L +#define SSL_AES128 0x00000100L +#define SSL_AES256 0x00000200L +#define SSL_MD5 0x00000400L +#define SSL_SHA1 0x00000800L +#define SSL_kEDH 0x00001000L +#define SSL_CAMELLIA128 0x00002000L +#define SSL_CAMELLIA256 0x00004000L +#define SSL_SEED 0x00008000L +#define SSL_kECDH 0x00010000L +#define SSL_kECDHE 0x00020000L +#define SSL_aECDSA 0x00040000L +#define SSL_SHA256 0x00080000L +#define SSL_SHA384 0x00100000L +#define SSL_kEECDH 0x00200000L +#define SSL_AESGCM 0x00400000L +#define SSL_AEAD 0x00800000L +#define SSL_aPSK 0x01000000L +#define SSL_CHACHA20POLY1305 0x02000000L + +/* cipher attributes non-unique - do not use for definitions */ +#define SSL_RSA 0x00000001L +#define SSL_AES 0x00000002L +#define SSL_CAMELLIA 0x00000004L +#define SSL_ECDH 0x00000008L /* cipher strength */ #define SSL_NULL 0x00000001L @@ -240,10 +257,15 @@ typedef struct { #define SSL_MEDIUM 0x00000010L #define SSL_HIGH 0x00000020L +/* cipher strengths non-unique - do not use for definitions */ +#define SSL_EXPORT 0x00000001L + #define SSL2 0x00000001L #define SSL3 0x00000002L /* OpenSSL treats SSL3 and TLSv1 the same */ #define TLS1 SSL3 +#define TLS1_2 0x00000004L +#define TLS1_3 0x00000008L /* Cipher translation */ static cipher_properties ciphers_def[] = { --- openldap-2.4.40/include/ldap.h 2014-09-19 03:48:49.000000000 +0200 +++ openldap-2.4.40/include/ldap.h 2014-11-14 09:25:54.560801030 +0100 @@ -176,6 +176,7 @@ LDAP_BEGIN_DECL #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_0 ((3 << 8) + 1) #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_1 ((3 << 8) + 2) #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_2 ((3 << 8) + 3) +#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_3 ((3 << 8) + 4) /* OpenLDAP SASL options */ #define LDAP_OPT_X_SASL_MECH 0x6100