openldap/openldap-nss-cipher-attributes.patch

96 lines
3.3 KiB
Diff
Raw Normal View History

Update MozNSS cipher attributes definitions
Author: Matus Honek <mhonek@redhat.com>
PreviousAuthor: Jan Vcelak <jvcelak@redhat.com>
diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
--- a/libraries/libldap/tls_m.c
+++ b/libraries/libldap/tls_m.c
@@ -210,27 +210,44 @@ typedef struct {
int num; /* The cipher id */
int attr; /* cipher attributes: algorithms, etc */
int version; /* protocol version valid for this cipher */
- int bits; /* bits of strength */
- int alg_bits; /* bits of the algorithm */
int strength; /* LOW, MEDIUM, HIGH */
int enabled; /* Enabled by default? */
} cipher_properties;
/* cipher attributes */
-#define SSL_kRSA 0x00000001L
-#define SSL_aRSA 0x00000002L
-#define SSL_aDSS 0x00000004L
-#define SSL_DSS SSL_aDSS
-#define SSL_eNULL 0x00000008L
-#define SSL_DES 0x00000010L
-#define SSL_3DES 0x00000020L
-#define SSL_RC4 0x00000040L
-#define SSL_RC2 0x00000080L
-#define SSL_AES 0x00000100L
-#define SSL_MD5 0x00000200L
-#define SSL_SHA1 0x00000400L
-#define SSL_SHA SSL_SHA1
-#define SSL_RSA (SSL_kRSA|SSL_aRSA)
+#define SSL_kRSA 0x00000001L
+#define SSL_aRSA 0x00000002L
+#define SSL_aDSA 0x00000004L
+#define SSL_DSA SSL_aDSA
+#define SSL_eNULL 0x00000008L
+#define SSL_DES 0x00000010L
+#define SSL_3DES 0x00000020L
+#define SSL_RC4 0x00000040L
+#define SSL_RC2 0x00000080L
+#define SSL_AES128 0x00000100L
+#define SSL_AES256 0x00000200L
+#define SSL_MD5 0x00000400L
+#define SSL_SHA1 0x00000800L
+#define SSL_kEDH 0x00001000L
+#define SSL_CAMELLIA128 0x00002000L
+#define SSL_CAMELLIA256 0x00004000L
+#define SSL_SEED 0x00008000L
+#define SSL_kECDH 0x00010000L
+#define SSL_kECDHE 0x00020000L
+#define SSL_aECDSA 0x00040000L
+#define SSL_SHA256 0x00080000L
+#define SSL_SHA384 0x00100000L
+#define SSL_kEECDH 0x00200000L
+#define SSL_AESGCM 0x00400000L
+#define SSL_AEAD 0x00800000L
+#define SSL_aPSK 0x01000000L
+#define SSL_CHACHA20POLY1305 0x02000000L
+
+/* cipher attributes non-unique - do not use for definitions */
+#define SSL_RSA 0x00000001L
+#define SSL_AES 0x00000002L
+#define SSL_CAMELLIA 0x00000004L
+#define SSL_ECDH 0x00000008L
/* cipher strength */
#define SSL_NULL 0x00000001L
@@ -240,10 +257,15 @@ typedef struct {
#define SSL_MEDIUM 0x00000010L
#define SSL_HIGH 0x00000020L
+/* cipher strengths non-unique - do not use for definitions */
+#define SSL_EXPORT 0x00000001L
+
#define SSL2 0x00000001L
#define SSL3 0x00000002L
/* OpenSSL treats SSL3 and TLSv1 the same */
#define TLS1 SSL3
+#define TLS1_2 0x00000004L
+#define TLS1_3 0x00000008L
/* Cipher translation */
static cipher_properties ciphers_def[] = {
--- openldap-2.4.40/include/ldap.h 2014-09-19 03:48:49.000000000 +0200
+++ openldap-2.4.40/include/ldap.h 2014-11-14 09:25:54.560801030 +0100
@@ -176,6 +176,7 @@ LDAP_BEGIN_DECL
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_0 ((3 << 8) + 1)
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_1 ((3 << 8) + 2)
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_2 ((3 << 8) + 3)
+#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_3 ((3 << 8) + 4)
/* OpenLDAP SASL options */
#define LDAP_OPT_X_SASL_MECH 0x6100