aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMilan P. Stanić <mps@arvanta.net>2020-07-30 18:06:37 +0000
committerMilan P. Stanić <mps@arvanta.net>2021-05-07 10:03:23 +0000
commit5f0421f4556d4b8c8afdbdcbf8a58201aa128a5d (patch)
tree2c91c40ea346e9b62444e88dc463d5e751d70813
parent33a4c4e9fa0a6cf46cf4cbdf8cd011ff42899d65 (diff)
downloadaports-5f0421f4556d4b8c8afdbdcbf8a58201aa128a5d.tar.gz
aports-5f0421f4556d4b8c8afdbdcbf8a58201aa128a5d.tar.bz2
aports-5f0421f4556d4b8c8afdbdcbf8a58201aa128a5d.tar.xz
testing/ssldump: upgrade to 1.4
use version from github which have many patches remove obsolete patches
-rw-r--r--testing/ssldump/0010-openssl.patch216
-rw-r--r--testing/ssldump/0020-libpcap.patch43
-rw-r--r--testing/ssldump/0030-aes.patch191
-rw-r--r--testing/ssldump/0040-cvs-20060619.patch191
-rw-r--r--testing/ssldump/0050-table-stops.patch54
-rw-r--r--testing/ssldump/0060-link_layer.patch91
-rw-r--r--testing/ssldump/0070-pcap-vlan.patch36
-rw-r--r--testing/ssldump/0080-tlsv12.patch218
-rw-r--r--testing/ssldump/0090-ssl-enums.patch1806
-rw-r--r--testing/ssldump/0100-ciphersuites.patch161
-rw-r--r--testing/ssldump/APKBUILD55
11 files changed, 13 insertions, 3049 deletions
diff --git a/testing/ssldump/0010-openssl.patch b/testing/ssldump/0010-openssl.patch
deleted file mode 100644
index c9461d4587..0000000000
--- a/testing/ssldump/0010-openssl.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3, which
-reinstates the the -y (nroff) flag, declares MD5_CTX via <openssl/md5.h>, avoids
-"ERROR: Couldn't create network handler" by calling SSL_library_init() function
-and OpenSSL_add_all_algorithms() rather SSLeay_add_all_algorithms() and revises
-the ssldump man page for correctness and completeness.
-
---- ssldump-0.9b3/ssl/ssl_analyze.c 2002-01-21 19:46:13.000000000 +0100
-+++ ssldump-0.9b3/ssl/ssl_analyze.c.openssl 2010-01-22 23:59:09.000000000 +0100
-@@ -133,7 +133,7 @@
- SSL_PRINT_DECODE
- },
- {
-- 0,
-+ 'y',
- "nroff",
- SSL_PRINT_NROFF
- },
---- ssldump-0.9b3/ssl/ssldecode.c 2002-08-17 03:33:17.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssldecode.c.openssl 2010-01-22 23:59:46.000000000 +0100
-@@ -51,6 +51,7 @@
- #include <openssl/ssl.h>
- #include <openssl/hmac.h>
- #include <openssl/evp.h>
-+#include <openssl/md5.h>
- #include <openssl/x509v3.h>
- #endif
- #include "ssldecode.h"
-@@ -131,7 +132,8 @@
- ssl_decode_ctx *d=0;
- int r,_status;
-
-- SSLeay_add_all_algorithms();
-+ SSL_library_init();
-+ OpenSSL_add_all_algorithms();
- if(!(d=(ssl_decode_ctx *)malloc(sizeof(ssl_decode_ctx))))
- ABORT(R_NO_MEMORY);
- if(!(d->ssl_ctx=SSL_CTX_new(SSLv23_server_method())))
---- ssldump-0.9b3/ssldump.1 2002-08-13 01:46:53.000000000 +0200
-+++ ssldump-0.9b3/ssldump.1.openssl 2010-01-23 00:26:26.000000000 +0100
-@@ -61,12 +61,9 @@
- .na
- .B ssldump
- [
--.B \-vtaTnsAxXhHVNdq
-+.B \-vTshVq
-+.B \-aAdeHnNqTxXvy
- ] [
--.B \-r
--.I dumpfile
--]
--[
- .B \-i
- .I interface
- ]
-@@ -81,6 +78,16 @@
- .I password
- ]
- [
-+.B \-r
-+.I dumpfile
-+]
-+.br
-+.ti +8
-+[
-+.B \-S
-+.RI [\| crypto \||\| d \||\| ht \||\| H \||\| nroff \|]
-+]
-+[
- .I expression
- ]
- .br
-@@ -125,6 +132,7 @@
- You must have read access to
- .IR /dev/bpf* .
- .SH OPTIONS
-+.TP
- .B \-a
- Print bare TCP ACKs (useful for observing Nagle behavior)
- .TP
-@@ -135,7 +143,7 @@
- .B \-d
- Display the application data traffic. This usually means
- decrypting it, but when -d is used ssldump will also decode
--application data traffic _before_ the SSL session initiates.
-+application data traffic \fIbefore\fP the SSL session initiates.
- This allows you to see HTTPS CONNECT behavior as well as
- SMTP STARTTLS. As a side effect, since ssldump can't tell
- whether plaintext is traffic before the initiation of an
-@@ -148,18 +156,9 @@
- .B \-e
- Print absolute timestamps instead of relative timestamps
- .TP
--.B \-r
--Read data from \fIfile\fP instead of from the network.
--The old -f option still works but is deprecated and will
--probably be removed with the next version.
- .B \-H
- Print the full SSL packet header.
- .TP
--.B \-k
--Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
--Previous versions of ssldump automatically looked in ./server.pem.
--Now you must specify your keyfile every time.
--.TP
- .B \-n
- Don't try to resolve host names from IP addresses
- .TP
-@@ -176,6 +175,12 @@
- .B \-q
- Don't decode any record fields beyond a single summary line. (quiet mode).
- .TP
-+.B \-T
-+Print the TCP headers.
-+.TP
-+.B \-v
-+Display version and copyright information.
-+.TP
- .B \-x
- Print each record in hex, as well as decoding it.
- .TP
-@@ -183,13 +188,48 @@
- When the -d option is used, binary data is automatically printed
- in two columns with a hex dump on the left and the printable characters
- on the right. -X suppresses the display of the printable characters,
--thus making it easier to cut and paste the hext data into some other
-+thus making it easier to cut and paste the hex data into some other
- program.
-+.TP
- .B \-y
--Decorate the output for processing with troff. Not very
-+Decorate the output for processing with nroff/troff. Not very
- useful for the average user.
- .TP
--.IP "\fI expression\fP"
-+.BI \-i " interface"
-+Use \fIinterface\fP as the network interface on which to sniff SSL/TLS
-+traffic.
-+.TP
-+.BI \-k " keyfile"
-+Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
-+Previous versions of ssldump automatically looked in ./server.pem.
-+Now you must specify your keyfile every time.
-+.TP
-+.BI \-p " password"
-+Use \fIpassword\fP as the SSL keyfile password.
-+.TP
-+.BI \-r " file"
-+Read data from \fIfile\fP instead of from the network.
-+The old -f option still works but is deprecated and will
-+probably be removed with the next version.
-+.TP
-+.BI \-S " [ " crypto " | " d " | " ht " | " H " ]"
-+Specify SSL flags to ssldump. These flags include:
-+.RS
-+.TP
-+.I crypto
-+Print cryptographic information.
-+.TP
-+.I d
-+Print fields as decoded.
-+.TP
-+.I ht
-+Print the handshake type.
-+.TP
-+.I H
-+Print handshake type and highlights.
-+.RE
-+.TP
-+\fIexpression\fP
- .RS
- Selects what packets ssldump will examine. Technically speaking,
- ssldump supports the full expression syntax from PCAP and tcpdump.
-@@ -200,7 +240,7 @@
- don't result in incomplete TCP streams are listed here.
- .LP
- The \fIexpression\fP consists of one or more
--.I primitives.
-+.IR primitives .
- Primitives usually consist of an
- .I id
- (name or number) preceded by one or more qualifiers. There are three
-@@ -512,5 +552,11 @@
- .LP
- ssldump doesn't implement session caching and therefore can't decrypt
- resumed sessions.
--
--
-+.LP
-+.SH SEE ALSO
-+.LP
-+.BR tcpdump (1)
-+.LP
-+.SH AUTHOR
-+.LP
-+ssldump was written by Eric Rescorla <ekr@rtfm.com>.
---- ssldump-0.9b3/base/pcap-snoop.c 2002-09-09 23:02:58.000000000 +0200
-+++ ssldump-0.9b3/base/pcap-snoop.c.openssl 2010-04-06 16:50:22.000000000 +0200
-@@ -206,7 +206,7 @@
-
- signal(SIGINT,sig_handler);
-
-- while((c=getopt(argc,argv,"vr:f:S:Ttai:k:p:nsAxXhHVNdqem:P"))!=EOF){
-+ while((c=getopt(argc,argv,"vr:f:S:yTtai:k:p:nsAxXhHVNdqem:P"))!=EOF){
- switch(c){
- case 'v':
- print_version();
-@@ -227,6 +227,9 @@
- case 'a':
- NET_print_flags |= NET_PRINT_ACKS;
- break;
-+ case 'A':
-+ SSL_print_flags |= SSL_PRINT_ALL_FIELDS;
-+ break;
- case 'T':
- NET_print_flags |= NET_PRINT_TCP_HDR;
- break;
diff --git a/testing/ssldump/0020-libpcap.patch b/testing/ssldump/0020-libpcap.patch
deleted file mode 100644
index 10682218d2..0000000000
--- a/testing/ssldump/0020-libpcap.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3, which
-replaces the inclusion of <net/bpf.h> by <pcap-bpf.h> because of changed files.
-It adds some 64 bit support in ./configure for lib64 directories around libpcap
-and ensures that dynamic linking to libpcap is possible.
-
---- ssldump-0.9b3/base/pcap-snoop.c 2010-01-23 00:30:24.000000000 +0100
-+++ ssldump-0.9b3/base/pcap-snoop.c.libpcap 2010-01-23 00:34:11.000000000 +0100
-@@ -49,7 +49,7 @@
-
- #include <pcap.h>
- #include <unistd.h>
--#include <net/bpf.h>
-+#include <pcap-bpf.h>
- #ifndef _WIN32
- #include <sys/param.h>
- #endif
---- ssldump-0.9b3/configure.in 2001-11-26 23:38:13.000000000 +0100
-+++ ssldump-0.9b3/configure.in.libpcap 2010-01-23 00:33:12.000000000 +0100
-@@ -62,7 +62,7 @@
- dnl Look for PCAP
- dnl We absolutely need pcap
- ac_pcap_inc_dir="/usr/include /usr/include/pcap /usr/local/include"
--ac_pcap_lib_dir="/usr/lib /usr/local/lib"
-+ac_pcap_lib_dir="/usr/local/lib64 /usr/local/lib /usr/lib64 /usr/lib"
-
- AC_ARG_WITH(pcap,[--with-pcap root location for pcap library],
- if test "$withval" = "no"; then
-@@ -102,13 +102,13 @@
- AC_MSG_CHECKING(for PCAP library)
- ac_found_pcap_lib_dir="no"
- for dir in $ac_pcap_lib_dir; do
-- if test -f $dir/libpcap.a; then
-+ if test -f $dir/libpcap.a -o -f $dir/libpcap.so; then
- dnl Ok, we think we've found them, but check that they
- dnl actually ontain the right functions
- save_LIBS=$LIBS
- save_LDFLAGS=$LDFLAGS
- LIBS="-lpcap $LIBS"
-- if test "$dir" != "/usr/lib"; then
-+ if test "$dir" != "/usr/lib" -a "$dir" != "/usr/lib64"; then
- LDFLAGS="-L$dir $LDFLAGS"
- fi
- AC_TRY_LINK_FUNC(pcap_open_live,ac_linked_libpcap="true",
diff --git a/testing/ssldump/0030-aes.patch b/testing/ssldump/0030-aes.patch
deleted file mode 100644
index 3965332e8f..0000000000
--- a/testing/ssldump/0030-aes.patch
+++ /dev/null
@@ -1,191 +0,0 @@
-Patch by Carsten Hoeger <choeger@suse.de> for ssldump >= 0.9b3 which adds support
-for AES cipher-suites (to ssldump). For further information, please have a look to
-Novell bug ID #50952.
-
---- ssldump-0.9b3/ssl/sslciphers.h 2002-08-17 03:33:17.000000000 +0200
-+++ ssldump-0.9b3/ssl/sslciphers.h.aes 2010-04-06 16:34:35.000000000 +0200
-@@ -71,7 +71,9 @@
- #define ENC_RC4 0x32
- #define ENC_RC2 0x33
- #define ENC_IDEA 0x34
--#define ENC_NULL 0x35
-+#define ENC_AES128 0x35
-+#define ENC_AES256 0x36
-+#define ENC_NULL 0x37
-
- #define DIG_MD5 0x40
- #define DIG_SHA 0x41
---- ssldump-0.9b3/ssl/ssl_rec.c 2000-11-03 07:38:06.000000000 +0100
-+++ ssldump-0.9b3/ssl/ssl_rec.c.aes 2010-04-06 16:42:13.000000000 +0200
-@@ -78,7 +78,9 @@
- "DES3",
- "RC4",
- "RC2",
-- "IDEA"
-+ "IDEA",
-+ "AES128",
-+ "AES256"
- };
-
-
-@@ -101,6 +103,11 @@
- /* Find the SSLeay cipher */
- if(cs->enc!=ENC_NULL){
- ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
-+ if(!ciph)
-+ ABORT(R_INTERNAL);
-+ }
-+ else {
-+ ciph=EVP_enc_null();
- }
-
- if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1)))
-@@ -169,7 +176,7 @@
- *outl=inl;
-
- /* Now strip off the padding*/
-- if(d->cs->block!=1){
-+ if(d->cs->block>1){
- pad=out[inl-1];
- *outl-=(pad+1);
- }
---- ssldump-0.9b3/ssl/ssl.enums 2001-07-20 18:44:32.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl.enums.aes 2010-04-06 16:36:06.000000000 +0200
-@@ -356,6 +356,18 @@
- CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 };
- CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A };
- CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B };
-+ CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F };
-+ CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 };
-+ CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 };
-+ CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 };
-+ CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 };
-+ CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 };
-+ CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 };
-+ CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A };
- CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 };
- CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 };
- CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 };
---- ssldump-0.9b3/ssl/ciphersuites.c 2002-08-17 03:33:17.000000000 +0200
-+++ ssldump-0.9b3/ssl/ciphersuites.c.aes 2010-04-06 16:33:52.000000000 +0200
-@@ -78,10 +78,22 @@
- {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1},
- {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0},
- {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0},
-+ {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0},
- {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1},
- {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1},
- {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1},
-- {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1},
-+ {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1},
- {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1},
- {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},
- {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
---- ssldump-0.9b3/ssl/ssl.enums.c 2001-07-20 18:44:36.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl.enums.c.aes 2010-04-06 16:40:14.000000000 +0200
-@@ -151,7 +151,7 @@
- "application_data",
- decode_ContentType_application_data
- },
--{0}
-+{-1}
- };
-
- static int decode_HandshakeType_HelloRequest(ssl,dir,seg,data)
-@@ -163,6 +163,7 @@
-
-
- printf("\n");
-+ return(0);
-
- }
- static int decode_HandshakeType_ClientHello(ssl,dir,seg,data)
-@@ -368,6 +369,7 @@
-
-
- printf("\n");
-+ return(0);
-
- }
- static int decode_HandshakeType_CertificateVerify(ssl,dir,seg,data)
-@@ -611,6 +613,54 @@
- "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
- 0 },
- {
-+ 47,
-+ "TLS_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 48,
-+ "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49,
-+ "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 50,
-+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 51,
-+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 52,
-+ "TLS_DH_anon_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 53,
-+ "TLS_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 54,
-+ "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 55,
-+ "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 56,
-+ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 57,
-+ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 58,
-+ "TLS_DH_anon_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
- 96,
- "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
- 0 },
---- ssldump-0.9b3/ssl/ssl_enum.c 2000-10-09 07:14:02.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl_enum.c.aes 2010-04-06 16:57:15.000000000 +0200
-@@ -70,7 +70,7 @@
- "application_data",
- decode_ContentType_application_data
- },
--{0}
-+{-1}
- };
-
- static int decode_HandshakeType_hello_request(ssl,dir,seg,data)
diff --git a/testing/ssldump/0040-cvs-20060619.patch b/testing/ssldump/0040-cvs-20060619.patch
deleted file mode 100644
index 7b7c6b305d..0000000000
--- a/testing/ssldump/0040-cvs-20060619.patch
+++ /dev/null
@@ -1,191 +0,0 @@
-Patch by Michael Calmer <mc@suse.de> for ssldump >= 0.9b3 which backports several
-fixes and some minor enhancements from upstream CVS 2006-06-19.
-
---- ssldump-0.9b3/ssl/sslprint.c 2002-08-17 03:33:17.000000000 +0200
-+++ ssldump-0.9b3/ssl/sslprint.c.cvs 2010-04-06 17:12:40.000000000 +0200
-@@ -248,12 +248,12 @@
- SSL_DECODE_UINT16(ssl,0,0,&d,&length);
-
- if(d.len!=length){
-- explain(ssl,"Short record\n");
-+ explain(ssl," Short record: %u bytes available (expecting: %u)\n",length,d.len);
- return(0);
- }
-
- P_(P_RH){
-- explain(ssl,"V%d.%d(%d)",vermaj,vermin,length);
-+ explain(ssl," V%d.%d(%d)",vermaj,vermin,length);
- }
-
-
-@@ -262,19 +262,22 @@
- r=ssl_decode_record(ssl,ssl->decoder,direction,ct,version,&d);
-
- if(r==SSL_BAD_MAC){
-- explain(ssl," bad MAC\n");
-+ explain(ssl," bad MAC\n");
- return(0);
- }
-
- if(r){
-- if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct))
-+ if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct)) {
-+ printf(" unknown record type: %d\n", ct);
- ERETURN(r);
-+ }
- printf("\n");
- }
- else{
-- if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q,
-- &d))
-+ if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q, &d)) {
-+ printf(" unknown record type: %d\n", ct);
- ERETURN(r);
-+ }
- }
-
- return(0);
-@@ -369,7 +372,7 @@
- dtable++;
- }
-
-- return(-1);
-+ return(R_NOT_FOUND);
- }
-
- int ssl_decode_enum(ssl,name,size,dtable,p,data,x)
-@@ -416,8 +419,7 @@
- dtable++;
- }
-
-- explain(ssl,"%s","unknown value");
-- return(0);
-+ return(R_NOT_FOUND);
- }
-
- int explain(ssl_obj *ssl,char *format,...)
-@@ -535,7 +537,7 @@
-
- printf("\n");
- for(i=0;i<d->len;i++){
-- if(!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i])){
-+ if(d->data[i] == 0 || (!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i]))){
- bit8=1;
- break;
- }
-@@ -557,7 +559,8 @@
- else{
- int nl=1;
- INDENT;
-- printf("---------------------------------------------------------------\n"); if(SSL_print_flags & SSL_PRINT_NROFF){
-+ printf("---------------------------------------------------------------\n");
-+ if(SSL_print_flags & SSL_PRINT_NROFF){
- if(ssl->process_ciphertext & ssl->direction)
- printf("\\f[CI]");
- else
---- ssldump-0.9b3/ssl/ssl_analyze.c 2010-04-06 16:58:23.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl_analyze.c.cvs 2010-04-06 17:08:22.000000000 +0200
-@@ -359,12 +359,16 @@
- case 23:
- break;
- default:
-- printf("Unknown SSL content type %d\n",q->data[0] & 255);
-- ABORT(R_INTERNAL);
-+ DBG((0,"Unknown SSL content type %d for segment %u:%u(%u)",
-+ q->data[0] & 255,seg->s_seq,seg->s_seq+seg->len,seg->len));
- }
-
- rec_len=COMBINE(q->data[3],q->data[4]);
-
-+ /* SSL v3.0 spec says a record may not exceed 2**14 + 2048 == 18432 */
-+ if(rec_len > 18432)
-+ ABORT(R_INTERNAL);
-+
- /*Expand the buffer*/
- if(q->_allocated<(rec_len+SSL_HEADER_SIZE)){
- if(!(q->data=realloc(q->data,rec_len+5)))
---- ssldump-0.9b3/base/tcppack.c 2002-09-09 23:02:58.000000000 +0200
-+++ ssldump-0.9b3/base/tcppack.c.cvs 2010-04-06 17:06:46.000000000 +0200
-@@ -95,11 +95,11 @@
- proper order. This shouldn't be a problem, though,
- except for simultaneous connects*/
- if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=TH_SYN){
-- DBG((0,"TCP: rejecting packet from unknown connection\n"));
-+ DBG((0,"TCP: rejecting packet from unknown connection, seq: %u\n",ntohl(p->tcp->th_seq)));
- return(0);
- }
-
-- DBG((0,"SYN1\n"));
-+ DBG((0,"SYN1 seq: %u",ntohl(p->tcp->th_seq)));
- if(r=new_connection(handler,ctx,p,&conn))
- ABORT(r);
- conn->i2r.seq=ntohl(p->tcp->th_seq)+1;
-@@ -117,14 +117,14 @@
- conn->r2i.seq=ntohl(p->tcp->th_seq)+1;
- conn->r2i.ack=ntohl(p->tcp->th_ack)+1;
- conn->state=TCP_STATE_SYN2;
-- DBG((0,"SYN2\n"));
-+ DBG((0,"SYN2 seq: %u",ntohl(p->tcp->th_seq)));
- break;
- case TCP_STATE_SYN2:
- {
- char *sn=0,*dn=0;
- if(direction != DIR_I2R)
- break;
-- DBG((0,"ACK\n"));
-+ DBG((0,"ACK seq: %u",ntohl(p->tcp->th_seq)));
- conn->i2r.ack=ntohl(p->tcp->th_ack)+1;
- lookuphostname(&conn->i_addr,&sn);
- lookuphostname(&conn->r_addr,&dn);
-@@ -228,7 +228,8 @@
- l=p->len - p->tcp->th_off * 4;
-
- if(stream->close){
-- DBG((0,"Rejecting packet received after FIN"));
-+ DBG((0,"Rejecting packet received after FIN: %u:%u(%u)",
-+ ntohl(p->tcp->th_seq),ntohl(p->tcp->th_seq+l),l));
- return(0);
- }
-
-@@ -341,20 +342,26 @@
- if(conn->state == TCP_STATE_ESTABLISHED)
- conn->state=TCP_STATE_FIN1;
- else
-- conn->state=TCP_STATE_CLOSED;
-+ conn->state=TCP_STATE_CLOSED;
- }
-
- stream->oo_queue=seg->next;
- seg->next=0;
- stream->seq=seg->s_seq + seg->len;
-
-- if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction))
-+ DBG((0,"Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
-+ if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction)) {
-+ DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
- ABORT(r);
-+ }
- }
-
- if(stream->close){
-- if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction))
-- ABORT(r);
-+ DBG((0,"Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
-+ if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction)) {
-+ DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
-+ ABORT(r);
-+ }
- }
-
- free_tcp_segment_queue(_seg.next);
---- ssldump-0.9b3/common/lib/r_assoc.c 2001-12-24 07:06:26.000000000 +0100
-+++ ssldump-0.9b3/common/lib/r_assoc.c.cvs 2010-04-06 17:01:11.000000000 +0200
-@@ -306,7 +306,7 @@
- ABORT(R_NO_MEMORY);
- for(i=0;i<new->size;i++){
- if(r=copy_assoc_chain(new->chains+i,old->chains[i]))
-- ABORT(r);
-+ ABORT(R_NO_MEMORY);
- }
- *newp=new;
-
diff --git a/testing/ssldump/0050-table-stops.patch b/testing/ssldump/0050-table-stops.patch
deleted file mode 100644
index f3f7920e87..0000000000
--- a/testing/ssldump/0050-table-stops.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3, which is
-changing the decoder table ends from 0 to -1 to match the expected value of table
-search routines. Without this patch, ssldump segfaults at latest after some time
-of usage when decoding unknown enumerated values. For further information, please
-have a look to Red Hat Bugzilla, bug ID #747398.
-
---- ssldump-0.9b3/ssl/ssl.enums.c 2011-10-24 22:33:03.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl.enums.c.table-stops 2011-10-24 22:34:20.000000000 +0200
-@@ -500,7 +500,7 @@
- "Finished",
- decode_HandshakeType_Finished
- },
--{0}
-+{-1}
- };
-
- decoder cipher_suite_decoder[]={
-@@ -778,7 +778,7 @@
- "fatal",
- decode_AlertLevel_fatal
- },
--{0}
-+{-1}
- };
-
- static int decode_AlertDescription_close_notify(ssl,dir,seg,data)
-@@ -1081,7 +1081,7 @@
- "no_renegotiation",
- decode_AlertDescription_no_renegotiation
- },
--{0}
-+{-1}
- };
-
- decoder compression_method_decoder[]={
-@@ -1145,6 +1145,6 @@
- "dss_fixed_dh",
- decode_client_certificate_type_dss_fixed_dh
- },
--{0}
-+{-1}
- };
-
---- ssldump-0.9b3/ssl/ssl_enum.c 2011-10-24 22:33:03.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl_enum.c.table-stops 2011-10-24 22:34:44.000000000 +0200
-@@ -260,7 +260,7 @@
- "finished",
- decode_HandshakeType_finished
- },
--{0}
-+{-1}
- };
-
- decoder cipher_suite_decoder[]={
diff --git a/testing/ssldump/0060-link_layer.patch b/testing/ssldump/0060-link_layer.patch
deleted file mode 100644
index 0b4df7cd66..0000000000
--- a/testing/ssldump/0060-link_layer.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3 which adds
-some further link layer offsets; inspirated from the original DLT_LINUX_SLL patch
-by PeBek at http://sourceforge.net/p/ssldump/patches/6/.
-
---- ssldump-0.9b3/base/pcap-snoop.c 2014-05-04 02:02:58.000000000 +0200
-+++ ssldump-0.9b3/base/pcap-snoop.c.link_layer 2014-05-04 02:20:21.000000000 +0200
-@@ -136,6 +136,10 @@
- len=hdr->len;
-
- switch(pcap_if_type){
-+ case DLT_RAW:
-+#ifdef DLT_LOOP
-+ case DLT_LOOP:
-+#endif
- case DLT_NULL:
- data+=4;
- len-=4;
-@@ -158,6 +162,73 @@
- return;
-
- break;
-+ case DLT_IEEE802:
-+ data+=22;
-+ len-=22;
-+ break;
-+ case DLT_FDDI:
-+ data+=21;
-+ len-=21;
-+ break;
-+#ifdef __amigaos__
-+ case DLT_MIAMI:
-+ data+=16;
-+ len-=16;
-+ break;
-+#endif
-+ case DLT_SLIP:
-+#ifdef DLT_SLIP_BSDOS
-+ case DLT_SLIP_BSDOS:
-+#endif
-+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__)
-+ data+=16;
-+ len-=16;
-+#else
-+ data+=24;
-+ len-=24;
-+#endif
-+ break;
-+ case DLT_PPP:
-+#ifdef DLT_PPP_BSDOS
-+ case DLT_PPP_BSDOS:
-+#endif
-+#ifdef DLT_PPP_SERIAL
-+ case DLT_PPP_SERIAL:
-+#endif
-+#ifdef DLT_PPP_ETHER
-+ case DLT_PPP_ETHER:
-+#endif
-+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__)
-+ data+=4;
-+ len-=4;
-+#else
-+#if defined(sun) || defined(__sun)
-+ data+=8;
-+ len-=8;
-+#else
-+ data+=24;
-+ len-=24;
-+#endif
-+#endif
-+ break;
-+#ifdef DLT_ENC
-+ case DLT_ENC:
-+ data+=12;
-+ len-=12;
-+ break;
-+#endif
-+#ifdef DLT_LINUX_SLL
-+ case DLT_LINUX_SLL:
-+ data+=16;
-+ len-=16;
-+ break;
-+#endif
-+#ifdef DLT_IPNET
-+ case DLT_IPNET:
-+ data+=24;
-+ len-=24;
-+ break;
-+#endif
- }
- network_process_packet(n,&hdr->ts,data,len);
- }
diff --git a/testing/ssldump/0070-pcap-vlan.patch b/testing/ssldump/0070-pcap-vlan.patch
deleted file mode 100644
index 1c58d87c60..0000000000
--- a/testing/ssldump/0070-pcap-vlan.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Patch by David Holmes <dholmesf5@users.sourceforge.net> for ssldump >= 0.9b3 which
-adds a filter to include traffic with or without the 802.1Q VLAN header.
-
---- ssldump-0.9b3/base/pcap-snoop.c 2014-05-04 02:20:21.000000000 +0200
-+++ ssldump-0.9b3/base/pcap-snoop.c.pcap-vlan 2014-05-04 05:22:43.000000000 +0200
-@@ -385,6 +385,30 @@
- if(filter){
- struct bpf_program fp;
-
-+ /* (F5 patch)
-+ * reformat filter to include traffic with or without the 802.1q
-+ * vlan header. for example, "port 80" becomes:
-+ * "( port 80 ) or ( vlan and port 80 )".
-+ * note that if the filter includes the literals vlan, tagged, or
-+ * untagged, then it is assumed that the user knows what she is
-+ * doing, and the filter is not reformatted.
-+ */
-+ if ((pcap_datalink(p) == DLT_EN10MB) &&
-+ (filter != NULL) &&
-+ (strstr(filter,"vlan") == NULL)) {
-+ char *tmp_filter;
-+ char *fmt = "( (not ether proto 0x8100) and (%s) ) or ( vlan and (%s) )";
-+
-+ tmp_filter = (char *)malloc((strlen(filter) * 2) + strlen(fmt) + 1);
-+ if (tmp_filter == NULL) {
-+ fprintf(stderr,"PCAP: malloc failed\n");
-+ err_exit("Aborting",-1);
-+ }
-+
-+ sprintf(tmp_filter,fmt,filter,filter);
-+ filter = tmp_filter;
-+ }
-+
- if(pcap_compile(p,&fp,filter,0,netmask)<0)
- verr_exit("PCAP: %s\n",pcap_geterr(p));
-
diff --git a/testing/ssldump/0080-tlsv12.patch b/testing/ssldump/0080-tlsv12.patch
deleted file mode 100644
index fae15c85b2..0000000000
--- a/testing/ssldump/0080-tlsv12.patch
+++ /dev/null
@@ -1,218 +0,0 @@
-Patch by David Holmes <dholmesf5@users.sourceforge.net> (revised by Paul Aurich
-<darkrain@users.sourceforge.net>, minor changes for compilation by Robert Scheck
-<robert@fedoraproject.org>) for ssldump >= 0.9b3 which adds TLSv1.1 and TLSv1.2
-application data decrypt support. For further information please have a look to
-http://sourceforge.net/p/ssldump/patches/8/.
-
---- ssldump-0.9b3/ssl/ssl_rec.c 2014-05-04 02:02:58.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl_rec.c.tlsv12 2014-05-04 05:30:22.000000000 +0200
-@@ -68,19 +68,28 @@
- };
-
-
--static char *digests[]={
-+char *digests[]={
- "MD5",
- "SHA1"
-+ "SHA224",
-+ "SHA256",
-+ "SHA384",
-+ "SHA512",
-+ NULL
- };
-
--static char *ciphers[]={
-+char *ciphers[]={
- "DES",
-- "DES3",
-+ "3DES",
- "RC4",
- "RC2",
- "IDEA",
- "AES128",
-- "AES256"
-+ "AES256",
-+ "CAMELLIA128",
-+ "CAMELLIA256",
-+ "SEED",
-+ NULL
- };
-
-
-@@ -192,6 +201,19 @@
- ERETURN(r);
- }
- else{
-+ /* TLS 1.1 and beyond: remove explicit IV, only used with
-+ * non-stream ciphers. */
-+ if (ssl->version>=0x0302 && ssl->cs->block > 1) {
-+ UINT4 blk = ssl->cs->block;
-+ if (blk <= *outl) {
-+ *outl-=blk;
-+ memmove(out, out+blk, *outl);
-+ }
-+ else {
-+ DBG((0,"Block size greater than Plaintext!"));
-+ ERETURN(SSL_BAD_MAC);
-+ }
-+ }
- if(r=tls_check_mac(d,ct,version,out,*outl,mac))
- ERETURN(r);
- }
-@@ -231,7 +253,7 @@
- HMAC_CTX hm;
- const EVP_MD *md;
- UINT4 l;
-- UCHAR buf[20];
-+ UCHAR buf[128];
-
- md=EVP_get_digestbyname(digests[d->cs->dig-0x40]);
- HMAC_Init(&hm,d->mac_key->data,d->mac_key->len,md);
---- ssldump-0.9b3/ssl/sslciphers.h 2014-05-04 02:02:58.000000000 +0200
-+++ ssldump-0.9b3/ssl/sslciphers.h.tlsv12 2014-05-04 05:07:20.000000000 +0200
-@@ -73,10 +73,17 @@
- #define ENC_IDEA 0x34
- #define ENC_AES128 0x35
- #define ENC_AES256 0x36
--#define ENC_NULL 0x37
-+#define ENC_CAMELLIA128 0x37
-+#define ENC_CAMELLIA256 0x38
-+#define ENC_SEED 0x39
-+#define ENC_NULL 0x3a
-
- #define DIG_MD5 0x40
- #define DIG_SHA 0x41
-+#define DIG_SHA224 0x42 /* Not sure why EKR didn't follow RFC for */
-+#define DIG_SHA256 0x43 /* these values, but whatever, just adding on */
-+#define DIG_SHA384 0x44
-+#define DIG_SHA512 0x45
-
- int ssl_find_cipher PROTO_LIST((int num,SSL_CipherSuite **cs));
-
---- ssldump-0.9b3/ssl/ssldecode.c 2014-05-04 02:02:58.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssldecode.c.tlsv12 2014-05-04 05:29:43.000000000 +0200
-@@ -61,11 +61,14 @@
-
- #define PRF(ssl,secret,usage,rnd1,rnd2,out) (ssl->version==SSLV3_VERSION)? \
- ssl3_prf(ssl,secret,usage,rnd1,rnd2,out): \
-- tls_prf(ssl,secret,usage,rnd1,rnd2,out)
-+ ((ssl->version == TLSV12_VERSION) ? \
-+ tls12_prf(ssl,secret,usage,rnd1,rnd2,out): \
-+ tls_prf(ssl,secret,usage,rnd1,rnd2,out))
-
-
- static char *ssl_password;
-
-+extern char *digests;
- extern UINT4 SSL_print_flags;
-
- struct ssl_decode_ctx_ {
-@@ -98,6 +101,8 @@
- #ifdef OPENSSL
- static int tls_P_hash PROTO_LIST((ssl_obj *ssl,Data *secret,Data *seed,
- const EVP_MD *md,Data *out));
-+static int tls12_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage,
-+ Data *rnd1,Data *rnd2,Data *out));
- static int tls_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage,
- Data *rnd1,Data *rnd2,Data *out));
- static int ssl3_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage,
-@@ -432,10 +437,9 @@
-
- switch(ssl->version){
- case SSLV3_VERSION:
-- if(r=ssl_generate_keying_material(ssl,d))
-- ABORT(r);
-- break;
- case TLSV1_VERSION:
-+ case TLSV11_VERSION:
-+ case TLSV12_VERSION:
- if(r=ssl_generate_keying_material(ssl,d))
- ABORT(r);
- break;
-@@ -535,10 +539,9 @@
-
- switch(ssl->version){
- case SSLV3_VERSION:
-- if(r=ssl_generate_keying_material(ssl,d))
-- ABORT(r);
-- break;
- case TLSV1_VERSION:
-+ case TLSV11_VERSION:
-+ case TLSV12_VERSION:
- if(r=ssl_generate_keying_material(ssl,d))
- ABORT(r);
- break;
-@@ -572,7 +575,7 @@
- int left=out->len;
- int tocpy;
- UCHAR *A;
-- UCHAR _A[20],tmp[20];
-+ UCHAR _A[128],tmp[128];
- unsigned int A_l,tmp_l;
- HMAC_CTX hm;
-
-@@ -665,6 +668,53 @@
-
- }
-
-+static int tls12_prf(ssl,secret,usage,rnd1,rnd2,out)
-+ ssl_obj *ssl;
-+ Data *secret;
-+ char *usage;
-+ Data *rnd1;
-+ Data *rnd2;
-+ Data *out;
-+
-+ {
-+ const EVP_MD *md;
-+ int r,_status;
-+ Data *sha_out=0;
-+ Data *seed;
-+ UCHAR *ptr;
-+ int i, dgi;
-+
-+ if(r=r_data_alloc(&sha_out,MAX(out->len,64))) /* assume max SHA512 */
-+ ABORT(r);
-+ if(r=r_data_alloc(&seed,strlen(usage)+rnd1->len+rnd2->len))
-+ ABORT(r);
-+ ptr=seed->data;
-+ memcpy(ptr,usage,strlen(usage)); ptr+=strlen(usage);
-+ memcpy(ptr,rnd1->data,rnd1->len); ptr+=rnd1->len;
-+ memcpy(ptr,rnd2->data,rnd2->len); ptr+=rnd2->len;
-+
-+ /* Earlier versions of openssl didn't have SHA256 of course... */
-+ dgi = MAX(DIG_SHA256, ssl->cs->dig)-0x40;
-+ if ((md=EVP_get_digestbyname(digests[dgi])) == NULL) {
-+ DBG((0,"Cannot get EVP for digest %s, openssl library current?",
-+ digests[dgi]));
-+ ERETURN(SSL_BAD_MAC);
-+ }
-+ if(r=tls_P_hash(ssl,secret,seed,md,sha_out))
-+ ABORT(r);
-+
-+ for(i=0;i<out->len;i++)
-+ out->data[i]=sha_out->data[i];
-+
-+ CRDUMPD("PRF out",out);
-+ _status=0;
-+ abort:
-+ r_data_destroy(&sha_out);
-+ r_data_destroy(&seed);
-+ return(_status);
-+
-+ }
-+
- static int ssl3_generate_export_iv(ssl,r1,r2,out)
- ssl_obj *ssl;
- Data *r1;
---- ssldump-0.9b3/ssl/ssl_h.h 2002-08-17 03:33:17.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl_h.h.tlsv12 2014-05-04 05:17:30.000000000 +0200
-@@ -121,6 +121,8 @@
-
- #define SSLV3_VERSION 0x300
- #define TLSV1_VERSION 0x301
-+#define TLSV11_VERSION 0x302
-+#define TLSV12_VERSION 0x303
-
- /*State defines*/
- #define SSL_ST_SENT_NOTHING 0
diff --git a/testing/ssldump/0090-ssl-enums.patch b/testing/ssldump/0090-ssl-enums.patch
deleted file mode 100644
index ed2854833a..0000000000
--- a/testing/ssldump/0090-ssl-enums.patch
+++ /dev/null
@@ -1,1806 +0,0 @@
-Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3 which is
-updating the known cipher suites according to IANA. Note that the diff of second
-file has been generated using "grep ' CipherSuite ' ssl/ssl.enums > ssl-enums" and
-"python ssl-util.py". The helper script is based on a script by Mike Tigas, see
-also https://gist.github.com/mtigas/5969597#file-5-conv-py for the helper script.
-
---- snipp ssl-util.py ---
-#!/usr/bin/env python
-import re
-
-r = re.compile(r'\s+CipherSuite\s+(?P<proto>(?:TLS|SSL)_\w+)\s+=\s+\{\s+0x(?P<high>[0-9a-fA-F]{2}),0x(?P<low>[0-9a-fA-F]{2})\s+\};')
-if __name__ == "__main__":
- f = open('ssl-enums', 'rb')
- for line in f:
- res = r.search(line)
- if res:
- data = res.groupdict()
- val = '0x%s%s' % (data['high'], data['low'])
- proto = data['proto']
- print "\t{\n\t\t%d,\n\t\t\"%s\",\n\t\t0\t}," % (int(val, 16), proto)
- else:
- raise Exception
---- snapp ssl-util.py ---
-
---- ssldump-0.9b3/ssl/ssl.enums 2014-05-04 02:02:58.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl.enums.ssl-enums 2014-05-04 14:34:29.000000000 +0200
-@@ -329,67 +329,370 @@
- } HandshakeType;
-
- constant {
-- CipherSuite TLS_RSA_WITH_NULL_MD5 = { 0x00,0x01 };
-- CipherSuite TLS_RSA_WITH_NULL_SHA = { 0x00,0x02 };
-- CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x03 };
-- CipherSuite TLS_RSA_WITH_RC4_128_MD5 = { 0x00,0x04 };
-- CipherSuite TLS_RSA_WITH_RC4_128_SHA = { 0x00,0x05 };
-- CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x06 };
-- CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00,0x07 };
-- CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x08 };
-- CipherSuite TLS_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 };
-- CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A };
-- CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0B };
-- CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA = { 0x00,0x0C };
-- CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0D };
-- CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0E };
-- CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA = { 0x00,0x0F };
-- CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x10 };
-- CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x11 };
-- CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA = { 0x00,0x12 };
-- CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x13 };
-- CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x14 };
-- CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA = { 0x00,0x15 };
-- CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 };
-- CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x17 };
-- CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 = { 0x00,0x18 };
-- CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 };
-- CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A };
-- CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B };
-- CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F };
-- CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 };
-- CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 };
-- CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 };
-- CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 };
-- CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 };
-- CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 };
-- CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 };
-- CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 };
-- CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 };
-- CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 };
-- CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A };
-- CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 };
-- CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 };
-- CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 };
-- CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x63 };
-- CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x64 };
-- CipherSuite TLS_DHE_DSS_WITH_RC2_56_CBC_SHA = { 0x00,0x65 };
-- CipherSuite TLS_DHE_DSS_WITH_RC4_128_SHA = { 0x00,0x66 };
-- CipherSuite TLS_DHE_DSS_WITH_NULL_SHA = { 0x00,0x67 };
-- CipherSuite SSL2_CK_RC4 = { 0x01,0x00,0x80};
-- CipherSuite SSL2_CK_RC4_EXPORT40 = { 0x02,0x00,0x80};
-- CipherSuite SSL2_CK_RC2 = { 0x03,0x00,0x80};
-- CipherSuite SSL2_CK_RC2_EXPORT40 = { 0x04,0x00,0x80};
-- CipherSuite SSL2_CK_IDEA = { 0x05,0x00,0x80};
-- CipherSuite SSL2_CK_DES = { 0x06,0x00,0x40};
-- CipherSuite SSL2_CK_RC464 = { 0x08,0x00,0x80};
-- CipherSuite SSL2_CK_3DES = { 0x07,0x00,0xc0};
-- CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = {0x00,0x4a};
-- CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = {0x00,0x48};
-- CipherSuite SSL_RSA_WITH_RC2_CBC_MD5 = {0xff,0x80};
-- CipherSuite TLS_ECDH_ECDSA_WITH_DES_CBC_SHA = {0x00,0x49};
-- CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA={0xff,0x85};
-- CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA={0xff,0x84};
-+ // https://www.iana.org/assignments/tls-parameters/tls-parameters.txt
-+ CipherSuite TLS_NULL_WITH_NULL_NULL = { 0x00,0x00 };
-+ CipherSuite TLS_RSA_WITH_NULL_MD5 = { 0x00,0x01 };
-+ CipherSuite TLS_RSA_WITH_NULL_SHA = { 0x00,0x02 };
-+ CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x03 };
-+ CipherSuite TLS_RSA_WITH_RC4_128_MD5 = { 0x00,0x04 };
-+ CipherSuite TLS_RSA_WITH_RC4_128_SHA = { 0x00,0x05 };
-+ CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x06 };
-+ CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00,0x07 };
-+ CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x08 };
-+ CipherSuite TLS_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 };
-+ CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A };
-+ CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0B };
-+ CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA = { 0x00,0x0C };
-+ CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0D };
-+ CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0E };
-+ CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA = { 0x00,0x0F };
-+ CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x10 };
-+ CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x11 };
-+ CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA = { 0x00,0x12 };
-+ CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x13 };
-+ CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x14 };
-+ CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA = { 0x00,0x15 };
-+ CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 };
-+ CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x17 };
-+ CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 = { 0x00,0x18 };
-+ CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 };
-+ CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A };
-+ CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B };
-+ CipherSuite TLS_KRB5_WITH_DES_CBC_SHA = { 0x00,0x1E };
-+ CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1F };
-+ CipherSuite TLS_KRB5_WITH_RC4_128_SHA = { 0x00,0x20 };
-+ CipherSuite TLS_KRB5_WITH_IDEA_CBC_SHA = { 0x00,0x21 };
-+ CipherSuite TLS_KRB5_WITH_DES_CBC_MD5 = { 0x00,0x22 };
-+ CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_MD5 = { 0x00,0x23 };
-+ CipherSuite TLS_KRB5_WITH_RC4_128_MD5 = { 0x00,0x24 };
-+ CipherSuite TLS_KRB5_WITH_IDEA_CBC_MD5 = { 0x00,0x25 };
-+ CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA = { 0x00,0x26 };
-+ CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA = { 0x00,0x27 };
-+ CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_SHA = { 0x00,0x28 };
-+ CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 = { 0x00,0x29 };
-+ CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x2A };
-+ CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x2B };
-+ CipherSuite TLS_PSK_WITH_NULL_SHA = { 0x00,0x2C };
-+ CipherSuite TLS_DHE_PSK_WITH_NULL_SHA = { 0x00,0x2D };
-+ CipherSuite TLS_RSA_PSK_WITH_NULL_SHA = { 0x00,0x2E };
-+ CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F };
-+ CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 };
-+ CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 };
-+ CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 };
-+ CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 };
-+ CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 };
-+ CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 };
-+ CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A };
-+ CipherSuite TLS_RSA_WITH_NULL_SHA256 = { 0x00,0x3B };
-+ CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x3C };
-+ CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x3D };
-+ CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = { 0x00,0x3E };
-+ CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x3F };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = { 0x00,0x40 };
-+ CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x41 };
-+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x42 };
-+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x43 };
-+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x44 };
-+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x45 };
-+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x46 };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x67 };
-+ CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = { 0x00,0x68 };
-+ CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x69 };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = { 0x00,0x6A };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x6B };
-+ CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA256 = { 0x00,0x6C };
-+ CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA256 = { 0x00,0x6D };
-+ CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x84 };
-+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x85 };
-+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x86 };
-+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x87 };
-+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x88 };
-+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x89 };
-+ CipherSuite TLS_PSK_WITH_RC4_128_SHA = { 0x00,0x8A };
-+ CipherSuite TLS_PSK_WITH_3DES_EDE_CBC_SHA = { 0x00,0x8B };
-+ CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA = { 0x00,0x8C };
-+ CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA = { 0x00,0x8D };
-+ CipherSuite TLS_DHE_PSK_WITH_RC4_128_SHA = { 0x00,0x8E };
-+ CipherSuite TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = { 0x00,0x8F };
-+ CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA = { 0x00,0x90 };
-+ CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA = { 0x00,0x91 };
-+ CipherSuite TLS_RSA_PSK_WITH_RC4_128_SHA = { 0x00,0x92 };
-+ CipherSuite TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = { 0x00,0x93 };
-+ CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA = { 0x00,0x94 };
-+ CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA = { 0x00,0x95 };
-+ CipherSuite TLS_RSA_WITH_SEED_CBC_SHA = { 0x00,0x96 };
-+ CipherSuite TLS_DH_DSS_WITH_SEED_CBC_SHA = { 0x00,0x97 };
-+ CipherSuite TLS_DH_RSA_WITH_SEED_CBC_SHA = { 0x00,0x98 };
-+ CipherSuite TLS_DHE_DSS_WITH_SEED_CBC_SHA = { 0x00,0x99 };
-+ CipherSuite TLS_DHE_RSA_WITH_SEED_CBC_SHA = { 0x00,0x9A };
-+ CipherSuite TLS_DH_anon_WITH_SEED_CBC_SHA = { 0x00,0x9B };
-+ CipherSuite TLS_RSA_WITH_AES_128_GCM_SHA256 = { 0x00,0x9C };
-+ CipherSuite TLS_RSA_WITH_AES_256_GCM_SHA384 = { 0x00,0x9D };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = { 0x00,0x9E };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = { 0x00,0x9F };
-+ CipherSuite TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = { 0x00,0xA0 };
-+ CipherSuite TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = { 0x00,0xA1 };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = { 0x00,0xA2 };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = { 0x00,0xA3 };
-+ CipherSuite TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = { 0x00,0xA4 };
-+ CipherSuite TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = { 0x00,0xA5 };
-+ CipherSuite TLS_DH_anon_WITH_AES_128_GCM_SHA256 = { 0x00,0xA6 };
-+ CipherSuite TLS_DH_anon_WITH_AES_256_GCM_SHA384 = { 0x00,0xA7 };
-+ CipherSuite TLS_PSK_WITH_AES_128_GCM_SHA256 = { 0x00,0xA8 };
-+ CipherSuite TLS_PSK_WITH_AES_256_GCM_SHA384 = { 0x00,0xA9 };
-+ CipherSuite TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = { 0x00,0xAA };
-+ CipherSuite TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = { 0x00,0xAB };
-+ CipherSuite TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = { 0x00,0xAC };
-+ CipherSuite TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = { 0x00,0xAD };
-+ CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA256 = { 0x00,0xAE };
-+ CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA384 = { 0x00,0xAF };
-+ CipherSuite TLS_PSK_WITH_NULL_SHA256 = { 0x00,0xB0 };
-+ CipherSuite TLS_PSK_WITH_NULL_SHA384 = { 0x00,0xB1 };
-+ CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = { 0x00,0xB2 };
-+ CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = { 0x00,0xB3 };
-+ CipherSuite TLS_DHE_PSK_WITH_NULL_SHA256 = { 0x00,0xB4 };
-+ CipherSuite TLS_DHE_PSK_WITH_NULL_SHA384 = { 0x00,0xB5 };
-+ CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = { 0x00,0xB6 };
-+ CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = { 0x00,0xB7 };
-+ CipherSuite TLS_RSA_PSK_WITH_NULL_SHA256 = { 0x00,0xB8 };
-+ CipherSuite TLS_RSA_PSK_WITH_NULL_SHA384 = { 0x00,0xB9 };
-+ CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBA };
-+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBB };
-+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBC };
-+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBD };
-+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBE };
-+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBF };
-+ CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC0 };
-+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC1 };
-+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC2 };
-+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC3 };
-+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC4 };
-+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC5 };
-+ CipherSuite TLS_EMPTY_RENEGOTIATION_INFO_SCSV = { 0x00,0xFF };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA = { 0xC0,0x01 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = { 0xC0,0x02 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x03 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = { 0xC0,0x04 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = { 0xC0,0x05 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_NULL_SHA = { 0xC0,0x06 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = { 0xC0,0x07 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x08 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = { 0xC0,0x09 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = { 0xC0,0x0A };
-+ CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA = { 0xC0,0x0B };
-+ CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA = { 0xC0,0x0C };
-+ CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x0D };
-+ CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = { 0xC0,0x0E };
-+ CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = { 0xC0,0x0F };
-+ CipherSuite TLS_ECDHE_RSA_WITH_NULL_SHA = { 0xC0,0x10 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_RC4_128_SHA = { 0xC0,0x11 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x12 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = { 0xC0,0x13 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = { 0xC0,0x14 };
-+ CipherSuite TLS_ECDH_anon_WITH_NULL_SHA = { 0xC0,0x15 };
-+ CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA = { 0xC0,0x16 };
-+ CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x17 };
-+ CipherSuite TLS_ECDH_anon_WITH_AES_128_CBC_SHA = { 0xC0,0x18 };
-+ CipherSuite TLS_ECDH_anon_WITH_AES_256_CBC_SHA = { 0xC0,0x19 };
-+ CipherSuite TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1A };
-+ CipherSuite TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1B };
-+ CipherSuite TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1C };
-+ CipherSuite TLS_SRP_SHA_WITH_AES_128_CBC_SHA = { 0xC0,0x1D };
-+ CipherSuite TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = { 0xC0,0x1E };
-+ CipherSuite TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = { 0xC0,0x1F };
-+ CipherSuite TLS_SRP_SHA_WITH_AES_256_CBC_SHA = { 0xC0,0x20 };
-+ CipherSuite TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = { 0xC0,0x21 };
-+ CipherSuite TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = { 0xC0,0x22 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x23 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x24 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x25 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x26 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x27 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x28 };
-+ CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x29 };
-+ CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x2A };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x2B };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x2C };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x2D };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x2E };
-+ CipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x2F };
-+ CipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x30 };
-+ CipherSuite TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x31 };
-+ CipherSuite TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x32 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_RC4_128_SHA = { 0xC0,0x33 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x34 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = { 0xC0,0x35 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = { 0xC0,0x36 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = { 0xC0,0x37 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = { 0xC0,0x38 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA = { 0xC0,0x39 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA256 = { 0xC0,0x3A };
-+ CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA384 = { 0xC0,0x3B };
-+ CipherSuite TLS_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x3C };
-+ CipherSuite TLS_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x3D };
-+ CipherSuite TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x3E };
-+ CipherSuite TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x3F };
-+ CipherSuite TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x40 };
-+ CipherSuite TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x41 };
-+ CipherSuite TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x42 };
-+ CipherSuite TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x43 };
-+ CipherSuite TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x44 };
-+ CipherSuite TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x45 };
-+ CipherSuite TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x46 };
-+ CipherSuite TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x47 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x48 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x49 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x4A };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x4B };
-+ CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x4C };
-+ CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x4D };
-+ CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x4E };
-+ CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x4F };
-+ CipherSuite TLS_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x50 };
-+ CipherSuite TLS_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x51 };
-+ CipherSuite TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x52 };
-+ CipherSuite TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x53 };
-+ CipherSuite TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x54 };
-+ CipherSuite TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x55 };
-+ CipherSuite TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x56 };
-+ CipherSuite TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x57 };
-+ CipherSuite TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x58 };
-+ CipherSuite TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x59 };
-+ CipherSuite TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x5A };
-+ CipherSuite TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x5B };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x5C };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x5D };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x5E };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x5F };
-+ CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x60 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x61 };
-+ CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x62 };
-+ CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x63 };
-+ CipherSuite TLS_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x64 };
-+ CipherSuite TLS_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x65 };
-+ CipherSuite TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x66 };
-+ CipherSuite TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x67 };
-+ CipherSuite TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x68 };
-+ CipherSuite TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x69 };
-+ CipherSuite TLS_PSK_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x6A };
-+ CipherSuite TLS_PSK_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x6B };
-+ CipherSuite TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x6C };
-+ CipherSuite TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x6D };
-+ CipherSuite TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x6E };
-+ CipherSuite TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x6F };
-+ CipherSuite TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x70 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x71 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x72 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x73 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x74 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x75 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x76 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x77 };
-+ CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x78 };
-+ CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x79 };
-+ CipherSuite TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x7A };
-+ CipherSuite TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x7B };
-+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x7C };
-+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x7D };
-+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x7E };
-+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x7F };
-+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x80 };
-+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x81 };
-+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x82 };
-+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x83 };
-+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x84 };
-+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x85 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x86 };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x87 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x88 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x89 };
-+ CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x8A };
-+ CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x8B };
-+ CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x8C };
-+ CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x8D };
-+ CipherSuite TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x8E };
-+ CipherSuite TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x8F };
-+ CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x90 };
-+ CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x91 };
-+ CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x92 };
-+ CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x93 };
-+ CipherSuite TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x94 };
-+ CipherSuite TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x95 };
-+ CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x96 };
-+ CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x97 };
-+ CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x98 };
-+ CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x99 };
-+ CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x9A };
-+ CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x9B };
-+ CipherSuite TLS_RSA_WITH_AES_128_CCM = { 0xC0,0x9C };
-+ CipherSuite TLS_RSA_WITH_AES_256_CCM = { 0xC0,0x9D };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM = { 0xC0,0x9E };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM = { 0xC0,0x9F };
-+ CipherSuite TLS_RSA_WITH_AES_128_CCM_8 = { 0xC0,0xA0 };
-+ CipherSuite TLS_RSA_WITH_AES_256_CCM_8 = { 0xC0,0xA1 };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM_8 = { 0xC0,0xA2 };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM_8 = { 0xC0,0xA3 };
-+ CipherSuite TLS_PSK_WITH_AES_128_CCM = { 0xC0,0xA4 };
-+ CipherSuite TLS_PSK_WITH_AES_256_CCM = { 0xC0,0xA5 };
-+ CipherSuite TLS_DHE_PSK_WITH_AES_128_CCM = { 0xC0,0xA6 };
-+ CipherSuite TLS_DHE_PSK_WITH_AES_256_CCM = { 0xC0,0xA7 };
-+ CipherSuite TLS_PSK_WITH_AES_128_CCM_8 = { 0xC0,0xA8 };
-+ CipherSuite TLS_PSK_WITH_AES_256_CCM_8 = { 0xC0,0xA9 };
-+ CipherSuite TLS_PSK_DHE_WITH_AES_128_CCM_8 = { 0xC0,0xAA };
-+ CipherSuite TLS_PSK_DHE_WITH_AES_256_CCM_8 = { 0xC0,0xAB };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM = { 0xC0,0xAC };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM = { 0xC0,0xAD };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = { 0xC0,0xAE };
-+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = { 0xC0,0xAF };
-+ // DRAFT-IETF-TLS-ECC
-+ CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA = { 0x00,0x47 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = { 0x00,0x48 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_DES_CBC_SHA = { 0x00,0x49 };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x4A };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = { 0x00,0x4B };
-+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = { 0x00,0x4C };
-+ CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA = { 0x00,0x4B };
-+ CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA = { 0x00,0x4C };
-+ CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA = { 0x00,0x4D };
-+ CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA = { 0x00,0x4E };
-+ CipherSuite TLS_ECDH_RSA_WITH_DES_CBC_SHA = { 0x00,0x4F };
-+ CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x50 };
-+ CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x51 };
-+ CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x52 };
-+ CipherSuite TLS_ECDH_RSA_EXPORT_WITH_RC4_40_SHA = { 0x00,0x53 };
-+ CipherSuite TLS_ECDH_RSA_EXPORT_WITH_RC4_56_SHA = { 0x00,0x54 };
-+ CipherSuite TLS_ECDH_anon_NULL_WITH_SHA = { 0x00,0x55 };
-+ CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA = { 0x00,0x56 };
-+ CipherSuite TLS_ECDH_anon_WITH_DES_CBC_SHA = { 0x00,0x57 };
-+ CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x58 };
-+ CipherSuite TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x59 };
-+ CipherSuite TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA = { 0x00,0x5A };
-+ // DRAFT-IETF-TLS-56-BIT-CIPHERSUITES
-+ CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 };
-+ CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 };
-+ CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 };
-+ CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x63 };
-+ CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x64 };
-+ CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x65 };
-+ CipherSuite TLS_DHE_DSS_WITH_RC4_128_SHA = { 0x00,0x66 };
-+ // FIPS SSL (Netscape)
-+ CipherSuite SSL_RSA_FIPS_WITH_DES_CBC_SHA = { 0xFE,0xFE };
-+ CipherSuite SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = { 0xFE,0xFF };
-+ // SSL 2.0
-+ CipherSuite SSL2_RC4_128_WITH_MD5 = { 0x01,0x00,0x80 };
-+ CipherSuite SSL2_RC4_128_EXPORT40_WITH_MD5 = { 0x02,0x00,0x80 };
-+ CipherSuite SSL2_RC2_CBC_128_CBC_WITH_MD5 = { 0x03,0x00,0x80 };
-+ CipherSuite SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 = { 0x04,0x00,0x80 };
-+ CipherSuite SSL2_IDEA_128_CBC_WITH_MD5 = { 0x05,0x00,0x80 };
-+ CipherSuite SSL2_DES_64_CBC_WITH_MD5 = { 0x06,0x00,0x40 };
-+ CipherSuite SSL2_DES_64_CBC_WITH_SHA = { 0x06,0x01,0x40 };
-+ CipherSuite SSL2_DES_192_EDE3_CBC_WITH_MD5 = { 0x07,0x00,0xc0 };
-+ CipherSuite SSL2_DES_192_EDE3_CBC_WITH_SHA = { 0x07,0x01,0xc0 };
-+ CipherSuite SSL2_RC4_64_WITH_MD5 = { 0x08,0x00,0x80 };
- } cipher_suite;
-
-
---- ssldump-0.9b3/ssl/ssl.enums.c 2014-05-04 02:02:58.000000000 +0200
-+++ ssldump-0.9b3/ssl/ssl.enums.c.ssl-enums 2014-05-04 18:37:48.000000000 +0200
-@@ -504,6 +504,11 @@
- };
-
- decoder cipher_suite_decoder[]={
-+ // https://www.iana.org/assignments/tls-parameters/tls-parameters.txt
-+ {
-+ 0,
-+ "TLS_NULL_WITH_NULL_NULL",
-+ 0 },
- {
- 1,
- "TLS_RSA_WITH_NULL_MD5",
-@@ -613,6 +618,74 @@
- "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
- 0 },
- {
-+ 30,
-+ "TLS_KRB5_WITH_DES_CBC_SHA",
-+ 0 },
-+ {
-+ 31,
-+ "TLS_KRB5_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 32,
-+ "TLS_KRB5_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 33,
-+ "TLS_KRB5_WITH_IDEA_CBC_SHA",
-+ 0 },
-+ {
-+ 34,
-+ "TLS_KRB5_WITH_DES_CBC_MD5",
-+ 0 },
-+ {
-+ 35,
-+ "TLS_KRB5_WITH_3DES_EDE_CBC_MD5",
-+ 0 },
-+ {
-+ 36,
-+ "TLS_KRB5_WITH_RC4_128_MD5",
-+ 0 },
-+ {
-+ 37,
-+ "TLS_KRB5_WITH_IDEA_CBC_MD5",
-+ 0 },
-+ {
-+ 38,
-+ "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",
-+ 0 },
-+ {
-+ 39,
-+ "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA",
-+ 0 },
-+ {
-+ 40,
-+ "TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
-+ 0 },
-+ {
-+ 41,
-+ "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",
-+ 0 },
-+ {
-+ 42,
-+ "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5",
-+ 0 },
-+ {
-+ 43,
-+ "TLS_KRB5_EXPORT_WITH_RC4_40_MD5",
-+ 0 },
-+ {
-+ 44,
-+ "TLS_PSK_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 45,
-+ "TLS_DHE_PSK_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 46,
-+ "TLS_RSA_PSK_WITH_NULL_SHA",
-+ 0 },
-+ {
- 47,
- "TLS_RSA_WITH_AES_128_CBC_SHA",
- 0 },
-@@ -661,92 +734,1216 @@
- "TLS_DH_anon_WITH_AES_256_CBC_SHA",
- 0 },
- {
-- 96,
-- "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
-+ 59,
-+ "TLS_RSA_WITH_NULL_SHA256",
- 0 },
- {
-- 97,
-- "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5",
-+ 60,
-+ "TLS_RSA_WITH_AES_128_CBC_SHA256",
- 0 },
- {
-- 98,
-- "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",
-+ 61,
-+ "TLS_RSA_WITH_AES_256_CBC_SHA256",
- 0 },
- {
-- 99,
-- "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA",
-+ 62,
-+ "TLS_DH_DSS_WITH_AES_128_CBC_SHA256",
- 0 },
- {
-- 100,
-- "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",
-+ 63,
-+ "TLS_DH_RSA_WITH_AES_128_CBC_SHA256",
- 0 },
- {
-- 101,
-- "TLS_DHE_DSS_WITH_RC2_56_CBC_SHA",
-+ 64,
-+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
- 0 },
- {
-- 102,
-- "TLS_DHE_DSS_WITH_RC4_128_SHA",
-+ 65,
-+ "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
-+ 0 },
-+ {
-+ 66,
-+ "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA",
-+ 0 },
-+ {
-+ 67,
-+ "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA",
-+ 0 },
-+ {
-+ 68,
-+ "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA",
-+ 0 },
-+ {
-+ 69,
-+ "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",
-+ 0 },
-+ {
-+ 70,
-+ "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA",
- 0 },
- {
- 103,
-- "TLS_DHE_DSS_WITH_NULL_SHA",
-+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
- 0 },
- {
-- 65664,
-- "SSL2_CK_RC4",
-+ 104,
-+ "TLS_DH_DSS_WITH_AES_256_CBC_SHA256",
- 0 },
- {
-- 131200,
-- "SSL2_CK_RC4_EXPORT40",
-+ 105,
-+ "TLS_DH_RSA_WITH_AES_256_CBC_SHA256",
- 0 },
- {
-- 196736,
-- "SSL2_CK_RC2",
-+ 106,
-+ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
- 0 },
- {
-- 262272,
-- "SSL2_CK_RC2_EXPORT40",
-+ 107,
-+ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
- 0 },
- {
-- 327808,
-- "SSL2_CK_IDEA",
-+ 108,
-+ "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
- 0 },
- {
-- 393280,
-- "SSL2_CK_DES",
-+ 109,
-+ "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
- 0 },
- {
-- 524416,
-- "SSL2_CK_RC464",
-+ 132,
-+ "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
- 0 },
- {
-- 458944,
-- "SSL2_CK_3DES",
-+ 133,
-+ "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA",
- 0 },
- {
-- 74,
-- "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
-+ 134,
-+ "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA",
- 0 },
- {
-- 72,
-+ 135,
-+ "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA",
-+ 0 },
-+ {
-+ 136,
-+ "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",
-+ 0 },
-+ {
-+ 137,
-+ "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA",
-+ 0 },
-+ {
-+ 138,
-+ "TLS_PSK_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 139,
-+ "TLS_PSK_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 140,
-+ "TLS_PSK_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 141,
-+ "TLS_PSK_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 142,
-+ "TLS_DHE_PSK_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 143,
-+ "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 144,
-+ "TLS_DHE_PSK_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 145,
-+ "TLS_DHE_PSK_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 146,
-+ "TLS_RSA_PSK_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 147,
-+ "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 148,
-+ "TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 149,
-+ "TLS_RSA_PSK_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 150,
-+ "TLS_RSA_WITH_SEED_CBC_SHA",
-+ 0 },
-+ {
-+ 151,
-+ "TLS_DH_DSS_WITH_SEED_CBC_SHA",
-+ 0 },
-+ {
-+ 152,
-+ "TLS_DH_RSA_WITH_SEED_CBC_SHA",
-+ 0 },
-+ {
-+ 153,
-+ "TLS_DHE_DSS_WITH_SEED_CBC_SHA",
-+ 0 },
-+ {
-+ 154,
-+ "TLS_DHE_RSA_WITH_SEED_CBC_SHA",
-+ 0 },
-+ {
-+ 155,
-+ "TLS_DH_anon_WITH_SEED_CBC_SHA",
-+ 0 },
-+ {
-+ 156,
-+ "TLS_RSA_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 157,
-+ "TLS_RSA_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 158,
-+ "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 159,
-+ "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 160,
-+ "TLS_DH_RSA_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 161,
-+ "TLS_DH_RSA_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 162,
-+ "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 163,
-+ "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 164,
-+ "TLS_DH_DSS_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 165,
-+ "TLS_DH_DSS_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 166,
-+ "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 167,
-+ "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 168,
-+ "TLS_PSK_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 169,
-+ "TLS_PSK_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 170,
-+ "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 171,
-+ "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 172,
-+ "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 173,
-+ "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 174,
-+ "TLS_PSK_WITH_AES_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 175,
-+ "TLS_PSK_WITH_AES_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 176,
-+ "TLS_PSK_WITH_NULL_SHA256",
-+ 0 },
-+ {
-+ 177,
-+ "TLS_PSK_WITH_NULL_SHA384",
-+ 0 },
-+ {
-+ 178,
-+ "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 179,
-+ "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 180,
-+ "TLS_DHE_PSK_WITH_NULL_SHA256",
-+ 0 },
-+ {
-+ 181,
-+ "TLS_DHE_PSK_WITH_NULL_SHA384",
-+ 0 },
-+ {
-+ 182,
-+ "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 183,
-+ "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 184,
-+ "TLS_RSA_PSK_WITH_NULL_SHA256",
-+ 0 },
-+ {
-+ 185,
-+ "TLS_RSA_PSK_WITH_NULL_SHA384",
-+ 0 },
-+ {
-+ 186,
-+ "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 187,
-+ "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 188,
-+ "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 189,
-+ "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 190,
-+ "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 191,
-+ "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 192,
-+ "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256",
-+ 0 },
-+ {
-+ 193,
-+ "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256",
-+ 0 },
-+ {
-+ 194,
-+ "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256",
-+ 0 },
-+ {
-+ 195,
-+ "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256",
-+ 0 },
-+ {
-+ 196,
-+ "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256",
-+ 0 },
-+ {
-+ 197,
-+ "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256",
-+ 0 },
-+ {
-+ 255,
-+ "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
-+ 0 },
-+ {
-+ 49153,
-+ "TLS_ECDH_ECDSA_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 49154,
- "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
- 0 },
- {
-- 65408,
-- "SSL_RSA_WITH_RC2_CBC_MD5",
-+ 49155,
-+ "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
- 0 },
- {
-- 73,
-- "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA",
-+ 49156,
-+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
- 0 },
- {
-- 65413,
-- "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA",
-+ 49157,
-+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
- 0 },
- {
-- 65412,
-- "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA",
-+ 49158,
-+ "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 49159,
-+ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 49160,
-+ "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 49161,
-+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49162,
-+ "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 49163,
-+ "TLS_ECDH_RSA_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 49164,
-+ "TLS_ECDH_RSA_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 49165,
-+ "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 49166,
-+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49167,
-+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 49168,
-+ "TLS_ECDHE_RSA_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 49169,
-+ "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 49170,
-+ "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 49171,
-+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49172,
-+ "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 49173,
-+ "TLS_ECDH_anon_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 49174,
-+ "TLS_ECDH_anon_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 49175,
-+ "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 49176,
-+ "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49177,
-+ "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 49178,
-+ "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 49179,
-+ "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 49180,
-+ "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 49181,
-+ "TLS_SRP_SHA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49182,
-+ "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49183,
-+ "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49184,
-+ "TLS_SRP_SHA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 49185,
-+ "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 49186,
-+ "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 49187,
-+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49188,
-+ "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49189,
-+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49190,
-+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49191,
-+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49192,
-+ "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49193,
-+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49194,
-+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49195,
-+ "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49196,
-+ "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49197,
-+ "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49198,
-+ "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49199,
-+ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49200,
-+ "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49201,
-+ "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49202,
-+ "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49203,
-+ "TLS_ECDHE_PSK_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 49204,
-+ "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 49205,
-+ "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49206,
-+ "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 49207,
-+ "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49208,
-+ "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49209,
-+ "TLS_ECDHE_PSK_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 49210,
-+ "TLS_ECDHE_PSK_WITH_NULL_SHA256",
-+ 0 },
-+ {
-+ 49211,
-+ "TLS_ECDHE_PSK_WITH_NULL_SHA384",
-+ 0 },
-+ {
-+ 49212,
-+ "TLS_RSA_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49213,
-+ "TLS_RSA_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49214,
-+ "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49215,
-+ "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49216,
-+ "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49217,
-+ "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49218,
-+ "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49219,
-+ "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49220,
-+ "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49221,
-+ "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49222,
-+ "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49223,
-+ "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49224,
-+ "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49225,
-+ "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49226,
-+ "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49227,
-+ "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49228,
-+ "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49229,
-+ "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49230,
-+ "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49231,
-+ "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49232,
-+ "TLS_RSA_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49233,
-+ "TLS_RSA_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49234,
-+ "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49235,
-+ "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49236,
-+ "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49237,
-+ "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49238,
-+ "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49239,
-+ "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49240,
-+ "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49241,
-+ "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49242,
-+ "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49243,
-+ "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49244,
-+ "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49245,
-+ "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49246,
-+ "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49247,
-+ "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49248,
-+ "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49249,
-+ "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49250,
-+ "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49251,
-+ "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49252,
-+ "TLS_PSK_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49253,
-+ "TLS_PSK_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49254,
-+ "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49255,
-+ "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49256,
-+ "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49257,
-+ "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49258,
-+ "TLS_PSK_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49259,
-+ "TLS_PSK_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49260,
-+ "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49261,
-+ "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49262,
-+ "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49263,
-+ "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49264,
-+ "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49265,
-+ "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49266,
-+ "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49267,
-+ "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49268,
-+ "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49269,
-+ "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49270,
-+ "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49271,
-+ "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49272,
-+ "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49273,
-+ "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49274,
-+ "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49275,
-+ "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49276,
-+ "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49277,
-+ "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49278,
-+ "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49279,
-+ "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49280,
-+ "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49281,
-+ "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49282,
-+ "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49283,
-+ "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49284,
-+ "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49285,
-+ "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49286,
-+ "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49287,
-+ "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49288,
-+ "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49289,
-+ "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49290,
-+ "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49291,
-+ "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49292,
-+ "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49293,
-+ "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49294,
-+ "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49295,
-+ "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49296,
-+ "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49297,
-+ "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49298,
-+ "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256",
-+ 0 },
-+ {
-+ 49299,
-+ "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384",
-+ 0 },
-+ {
-+ 49300,
-+ "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49301,
-+ "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49302,
-+ "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49303,
-+ "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49304,
-+ "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49305,
-+ "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49306,
-+ "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
-+ 0 },
-+ {
-+ 49307,
-+ "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
-+ 0 },
-+ {
-+ 49308,
-+ "TLS_RSA_WITH_AES_128_CCM",
-+ 0 },
-+ {
-+ 49309,
-+ "TLS_RSA_WITH_AES_256_CCM",
-+ 0 },
-+ {
-+ 49310,
-+ "TLS_DHE_RSA_WITH_AES_128_CCM",
-+ 0 },
-+ {
-+ 49311,
-+ "TLS_DHE_RSA_WITH_AES_256_CCM",
-+ 0 },
-+ {
-+ 49312,
-+ "TLS_RSA_WITH_AES_128_CCM_8",
-+ 0 },
-+ {
-+ 49313,
-+ "TLS_RSA_WITH_AES_256_CCM_8",
-+ 0 },
-+ {
-+ 49314,
-+ "TLS_DHE_RSA_WITH_AES_128_CCM_8",
-+ 0 },
-+ {
-+ 49315,
-+ "TLS_DHE_RSA_WITH_AES_256_CCM_8",
-+ 0 },
-+ {
-+ 49316,
-+ "TLS_PSK_WITH_AES_128_CCM",
-+ 0 },
-+ {
-+ 49317,
-+ "TLS_PSK_WITH_AES_256_CCM",
-+ 0 },
-+ {
-+ 49318,
-+ "TLS_DHE_PSK_WITH_AES_128_CCM",
-+ 0 },
-+ {
-+ 49319,
-+ "TLS_DHE_PSK_WITH_AES_256_CCM",
-+ 0 },
-+ {
-+ 49320,
-+ "TLS_PSK_WITH_AES_128_CCM_8",
-+ 0 },
-+ {
-+ 49321,
-+ "TLS_PSK_WITH_AES_256_CCM_8",
-+ 0 },
-+ {
-+ 49322,
-+ "TLS_PSK_DHE_WITH_AES_128_CCM_8",
-+ 0 },
-+ {
-+ 49323,
-+ "TLS_PSK_DHE_WITH_AES_256_CCM_8",
-+ 0 },
-+ {
-+ 49324,
-+ "TLS_ECDHE_ECDSA_WITH_AES_128_CCM",
-+ 0 },
-+ {
-+ 49325,
-+ "TLS_ECDHE_ECDSA_WITH_AES_256_CCM",
-+ 0 },
-+ {
-+ 49326,
-+ "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
-+ 0 },
-+ {
-+ 49327,
-+ "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",
-+ 0 },
-+ // DRAFT-IETF-TLS-ECC
-+ {
-+ 71,
-+ "TLS_ECDH_ECDSA_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 72,
-+ "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 73,
-+ "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA",
-+ 0 },
-+ {
-+ 74,
-+ "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 75,
-+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 76,
-+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 75,
-+ "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA",
-+ 0 },
-+ {
-+ 76,
-+ "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA",
-+ 0 },
-+ {
-+ 77,
-+ "TLS_ECDH_RSA_WITH_NULL_SHA",
-+ 0 },
-+ {
-+ 78,
-+ "TLS_ECDH_RSA_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 79,
-+ "TLS_ECDH_RSA_WITH_DES_CBC_SHA",
-+ 0 },
-+ {
-+ 80,
-+ "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 81,
-+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 82,
-+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 83,
-+ "TLS_ECDH_RSA_EXPORT_WITH_RC4_40_SHA",
-+ 0 },
-+ {
-+ 84,
-+ "TLS_ECDH_RSA_EXPORT_WITH_RC4_56_SHA",
-+ 0 },
-+ {
-+ 85,
-+ "TLS_ECDH_anon_NULL_WITH_SHA",
-+ 0 },
-+ {
-+ 86,
-+ "TLS_ECDH_anon_WITH_RC4_128_SHA",
-+ 0 },
-+ {
-+ 87,
-+ "TLS_ECDH_anon_WITH_DES_CBC_SHA",
-+ 0 },
-+ {
-+ 88,
-+ "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ {
-+ 89,
-+ "TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA",
-+ 0 },
-+ {
-+ 90,
-+ "TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA",
-+ 0 },
-+ // DRAFT-IETF-TLS-56-BIT-CIPHERSUITES
-+ {
-+ 96,
-+ "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
-+ 0 },
-+ {
-+ 97,
-+ "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5",
-+ 0 },
-+ {
-+ 98,
-+ "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",
-+ 0 },
-+ {
-+ 99,
-+ "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA",
-+ 0 },
-+ {
-+ 100,
-+ "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",
-+ 0 },
-+ {
-+ 101,
-+ "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA",
-+ 0 },
-+ {
-+ 102,
-+ "TLS_DHE_DSS_WITH_RC4_128_SHA",
-+ 0 },
-+ // FIPS SSL (Netscape)
-+ {
-+ 65278,
-+ "SSL_RSA_FIPS_WITH_DES_CBC_SHA",
-+ 0 },
-+ {
-+ 65279,
-+ "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA",
-+ 0 },
-+ // SSL 2.0
-+ {
-+ 65664,
-+ "SSL2_RC4_128_WITH_MD5",
-+ 0 },
-+ {
-+ 131200,
-+ "SSL2_RC4_128_EXPORT40_WITH_MD5",
-+ 0 },
-+ {
-+ 196736,
-+ "SSL2_RC2_CBC_128_CBC_WITH_MD5",
-+ 0 },
-+ {
-+ 262272,
-+ "SSL2_RC2_128_CBC_EXPORT40_WITH_MD5",
-+ 0 },
-+ {
-+ 327808,
-+ "SSL2_IDEA_128_CBC_WITH_MD5",
-+ 0 },
-+ {
-+ 393280,
-+ "SSL2_DES_64_CBC_WITH_MD5",
-+ 0 },
-+ {
-+ 393536,
-+ "SSL2_DES_64_CBC_WITH_SHA",
-+ 0 },
-+ {
-+ 458944,
-+ "SSL2_DES_192_EDE3_CBC_WITH_MD5",
-+ 0 },
-+ {
-+ 459200,
-+ "SSL2_DES_192_EDE3_CBC_WITH_SHA",
-+ 0 },
-+ {
-+ 524416,
-+ "SSL2_RC4_64_WITH_MD5",
- 0 },
- {-1}
- };
diff --git a/testing/ssldump/0100-ciphersuites.patch b/testing/ssldump/0100-ciphersuites.patch
deleted file mode 100644
index e5c5434bc4..0000000000
--- a/testing/ssldump/0100-ciphersuites.patch
+++ /dev/null
@@ -1,161 +0,0 @@
-Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3 which adds
-a lot of missing cipher suites to support much more application data decoding.
-
---- ssldump-0.9b3/ssl/ciphersuites.c 2014-05-04 02:02:58.000000000 +0200
-+++ ssldump-0.9b3/ssl/ciphersuites.c.rsc 2014-05-04 18:33:11.000000000 +0200
-@@ -74,10 +74,11 @@
- {21,KEX_DH,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,0},
- {22,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0},
- {23,KEX_DH,SIG_NONE,ENC_RC4,1,128,40,DIG_MD5,16,1},
-- {24,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_MD5,16,0},
-+ {24,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_MD5,16,0},
- {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1},
- {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0},
- {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0},
-+ // Missing: 44-46
- {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
- {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
- {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-@@ -90,13 +91,141 @@
- {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
- {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
- {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {59,KEX_RSA,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA256,32,0},
-+ {60,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {61,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256,32,0},
-+ {62,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {63,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {64,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {65,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0},
-+ {66,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0},
-+ {67,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0},
-+ {68,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0},
-+ {69,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0},
-+ {70,KEX_DH,SIG_NONE,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0},
- {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1},
- {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1},
- {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1},
- {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1},
- {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1},
-- {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},
-+ {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},
- {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
-+ {103,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {104,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA256,32,0},
-+ {105,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256,32,0},
-+ {106,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA256,32,0},
-+ {107,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256,32,0},
-+ {108,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {109,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA256,32,0},
-+ {132,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0},
-+ {133,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0},
-+ {134,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0},
-+ {135,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0},
-+ {136,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0},
-+ {137,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0},
-+ // Missing: 138-149
-+ {150,KEX_RSA,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0},
-+ {151,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA,20,0},
-+ {152,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0},
-+ {153,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA,20,0},
-+ {154,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0},
-+ {155,KEX_DH,SIG_NONE,ENC_SEED,16,128,128,DIG_SHA,20,0},
-+ {156,KEX_RSA,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {157,KEX_RSA,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ {158,KEX_DH,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {159,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ {160,KEX_DH,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {161,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ {162,KEX_DH,SIG_DSS,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {163,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ {164,KEX_DH,SIG_DSS,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {165,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ {166,KEX_DH,SIG_NONE,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {167,KEX_DH,SIG_NONE,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ // Missing: 168-185
-+ {186,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {187,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {188,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {189,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {190,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {191,KEX_DH,SIG_NONE,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {192,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
-+ {193,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
-+ {194,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
-+ {195,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
-+ {196,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
-+ {197,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0},
-+ {49153,KEX_DH,SIG_DSS,ENC_NULL,0,0,0,DIG_SHA,20,0},
-+ {49154,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
-+ {49155,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0},
-+ {49156,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {49157,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {49158,KEX_DH,SIG_DSS,ENC_NULL,0,0,0,DIG_SHA,20,0},
-+ {49159,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
-+ {49160,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0},
-+ {49161,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {49162,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {49163,KEX_DH,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA,20,0},
-+ {49164,KEX_DH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0},
-+ {49165,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0},
-+ {49166,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {49167,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {49168,KEX_DH,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA,20,0},
-+ {49169,KEX_DH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0},
-+ {49170,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0},
-+ {49171,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {49172,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {49173,KEX_DH,SIG_NONE,ENC_NULL,0,0,0,DIG_SHA,20,0},
-+ {49174,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_SHA,20,0},
-+ {49175,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_SHA,20,0},
-+ {49176,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {49177,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {49187,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {49188,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0},
-+ {49189,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {49190,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0},
-+ {49191,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {49192,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0},
-+ {49193,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0},
-+ {49194,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0},
-+ {49195,KEX_DH,SIG_DSS,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {49196,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ {49197,KEX_DH,SIG_DSS,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {49198,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ {49199,KEX_DH,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {49200,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ {49201,KEX_DH,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0},
-+ {49202,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0},
-+ // Missing: 49203-49211
-+ {49266,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {49267,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0},
-+ {49268,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {49269,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0},
-+ {49270,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {49271,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0},
-+ {49272,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0},
-+ {49273,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0},
-+ {49274,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49275,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ {49276,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49277,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ {49278,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49279,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ {49280,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49281,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ {49282,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49283,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ {49284,KEX_DH,SIG_NONE,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49285,KEX_DH,SIG_NONE,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ {49286,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49287,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ {49288,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49289,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ {49290,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49291,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ {49292,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0},
-+ {49293,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0},
-+ // Missing: 49294-49307
- {-1}
- };
-
diff --git a/testing/ssldump/APKBUILD b/testing/ssldump/APKBUILD
index bebf2fd00a..abfbadf4bf 100644
--- a/testing/ssldump/APKBUILD
+++ b/testing/ssldump/APKBUILD
@@ -1,66 +1,37 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer:
-pkgname="ssldump"
-pkgver="0.9b3"
-pkgrel=1
-pkgdesc="An SSLv3/TLS network protocol analyzer"
-url="http://ssldump.sourceforge.net/"
+pkgname=ssldump
+pkgver=1.4
+pkgrel=0
+pkgdesc="SSLv3/TLS network protocol analyzer"
+url="https://github.com/adulau/ssldump"
arch="all"
license="BSD-4-Clause"
-makedepends="autoconf libpcap-dev openssl-dev"
subpackages="$pkgname-doc"
-source="https://downloads.sourceforge.net/ssldump/ssldump-$pkgver.tar.gz"
-# Patches from Fedora
-source="$source
- 0010-openssl.patch
- 0020-libpcap.patch
- 0030-aes.patch
- 0040-cvs-20060619.patch
- 0050-table-stops.patch
- 0060-link_layer.patch
- 0070-pcap-vlan.patch
- 0080-tlsv12.patch
- 0090-ssl-enums.patch
- 0100-ciphersuites.patch
- "
-builddir="$srcdir/ssldump-$pkgver"
options="!check" # no tests provided
+makedepends="autoconf automake libnet-dev json-c-dev fts-dev libpcap-dev openssl-dev"
+source="https://github.com/adulau/ssldump/archive/v$pkgver/ssldump-$pkgver.tar.gz
+ "
prepare() {
- update_config_guess
- update_config_sub
default_prepare
-
- # Rebuilding of configure file is needed for 0020-libpcap.patch
- autoconf --force
+ ./autogen.sh
}
build() {
./configure \
- --build=$CBUILD \
- --host=$CHOST \
--prefix=/usr \
--sysconfdir=/etc \
--mandir=/usr/share/man \
+ --datarootdir=/usr/share \
+ --docdir=/usr/share/doc \
--localstatedir=/var
make
}
package() {
- make install BINDIR="$pkgdir/usr/sbin" MANDIR="$pkgdir/usr/share/man"
+ make install sbindir="$pkgdir/usr/sbin" mandir="$pkgdir/usr/share/man" docdir="$pkgdir/usr/share/doc"
install -D -m 644 COPYRIGHT "$pkgdir"/usr/share/licenses/$pkgname/COPYRIGHT
-
- chmod 644 "$pkgdir"/usr/share/man/man1/*.1*
}
-sha512sums="ea81558a243950ab43354c9f33c0a4feae0ae859bc2bd6e6b58838a01f4a1e7a6447f2a9ab1fa40bbe8dbd6c3630c489c17fc9c066cacfddfb64269b0cd5090a ssldump-0.9b3.tar.gz
-3d06916b841612d158a5f7c87e7c68a9046ce5842ac11610ec6bf3c83619feecdd66293c66037f2e271496c8439896a4531c0de8ed866a898e310a1fd1de5aca 0010-openssl.patch
-12fff42b22baadfde4a0faf12c2336d47811cd36873034cfd81b269f0578c2be4226657b6da6dc5ebcf7b11070f48d357ba1580b47d62619fce3980ea2629bae 0020-libpcap.patch
-17a2f401b3ebb171628745041609f96ce82d1b4993d053443a3315b562ea2f8112184dbec0373ae11888c8f0d3c8a7728f3a6ca0a3de5375efd44aabe599ad02 0030-aes.patch
-4b9bfa0d10efa322f634c1326b210a7220c23c12c2cb2de9e00383f0d83fa558f578a16d428f035d179f3f692510756fd382efad69c877b9fe2bfacb4c7406e3 0040-cvs-20060619.patch
-3bfff13a5d4fdd0684512692309a2ff70eb63d472c4982e7e191073091a419b289b70fbf9604a794dd9b30cf60601b5b7403e2f9decb109f752471114388a4dd 0050-table-stops.patch
-912f47fbd686d4f4d68015e57dc92eba284e12dc146184f8cc4165e8e9a795f530d1e572dfb1a2292a3dee0c8f84f29f400375ab99e9215fec921d0464ef8e2d 0060-link_layer.patch
-94592125add14409be20981516a8f81765b61fb932dc6004bee7d91e0828b40117ce1f378c4ae7e65725bd645ff827648cf652a7ce8090e49afac0ef5284901e 0070-pcap-vlan.patch
-7e68d8ca844348b2440b795372f40af614f99e6e14baa7552de1f8eb1fa72d38771be1b904ee13f1141cf14cb8968f9fcd192c2a2b63885152225090ef20e3e6 0080-tlsv12.patch
-8e4e0e19a4ea45e8f98f8e918ddf0cde8a5d0a5fa89558bcfcbb14153e0babee7ff9edaebd6653a5fd6fb95624f47d62b85f2115d7bc25f4f4b6e35844e0f4a3 0090-ssl-enums.patch
-86c9ccd83fce92ff72eadd6e9a8e6a2442437e6778d735fae58ca359f390812d1102044058701189608251006de07478024dd389fe7bd9d3834e33039eaf2277 0100-ciphersuites.patch"
+sha512sums="fb17c5610dcfce3e8020a5148d37be5b2fbc3083d78727281922ae32b5905c4aa882cd368c3581238f3492c6b5bab943dcff6a966d64160a3836d6a95bdc7682 ssldump-1.4.tar.gz"