diff options
| author | Milan P. Stanić <mps@arvanta.net> | 2020-07-30 18:06:37 +0000 |
|---|---|---|
| committer | Milan P. Stanić <mps@arvanta.net> | 2021-05-07 10:03:23 +0000 |
| commit | 5f0421f4556d4b8c8afdbdcbf8a58201aa128a5d (patch) | |
| tree | 2c91c40ea346e9b62444e88dc463d5e751d70813 | |
| parent | 33a4c4e9fa0a6cf46cf4cbdf8cd011ff42899d65 (diff) | |
| download | aports-5f0421f4556d4b8c8afdbdcbf8a58201aa128a5d.tar.gz aports-5f0421f4556d4b8c8afdbdcbf8a58201aa128a5d.tar.bz2 aports-5f0421f4556d4b8c8afdbdcbf8a58201aa128a5d.tar.xz | |
testing/ssldump: upgrade to 1.4
use version from github which have many patches
remove obsolete patches
| -rw-r--r-- | testing/ssldump/0010-openssl.patch | 216 | ||||
| -rw-r--r-- | testing/ssldump/0020-libpcap.patch | 43 | ||||
| -rw-r--r-- | testing/ssldump/0030-aes.patch | 191 | ||||
| -rw-r--r-- | testing/ssldump/0040-cvs-20060619.patch | 191 | ||||
| -rw-r--r-- | testing/ssldump/0050-table-stops.patch | 54 | ||||
| -rw-r--r-- | testing/ssldump/0060-link_layer.patch | 91 | ||||
| -rw-r--r-- | testing/ssldump/0070-pcap-vlan.patch | 36 | ||||
| -rw-r--r-- | testing/ssldump/0080-tlsv12.patch | 218 | ||||
| -rw-r--r-- | testing/ssldump/0090-ssl-enums.patch | 1806 | ||||
| -rw-r--r-- | testing/ssldump/0100-ciphersuites.patch | 161 | ||||
| -rw-r--r-- | testing/ssldump/APKBUILD | 55 |
11 files changed, 13 insertions, 3049 deletions
diff --git a/testing/ssldump/0010-openssl.patch b/testing/ssldump/0010-openssl.patch deleted file mode 100644 index c9461d4587..0000000000 --- a/testing/ssldump/0010-openssl.patch +++ /dev/null @@ -1,216 +0,0 @@ -Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3, which -reinstates the the -y (nroff) flag, declares MD5_CTX via <openssl/md5.h>, avoids -"ERROR: Couldn't create network handler" by calling SSL_library_init() function -and OpenSSL_add_all_algorithms() rather SSLeay_add_all_algorithms() and revises -the ssldump man page for correctness and completeness. - ---- ssldump-0.9b3/ssl/ssl_analyze.c 2002-01-21 19:46:13.000000000 +0100 -+++ ssldump-0.9b3/ssl/ssl_analyze.c.openssl 2010-01-22 23:59:09.000000000 +0100 -@@ -133,7 +133,7 @@ - SSL_PRINT_DECODE - }, - { -- 0, -+ 'y', - "nroff", - SSL_PRINT_NROFF - }, ---- ssldump-0.9b3/ssl/ssldecode.c 2002-08-17 03:33:17.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssldecode.c.openssl 2010-01-22 23:59:46.000000000 +0100 -@@ -51,6 +51,7 @@ - #include <openssl/ssl.h> - #include <openssl/hmac.h> - #include <openssl/evp.h> -+#include <openssl/md5.h> - #include <openssl/x509v3.h> - #endif - #include "ssldecode.h" -@@ -131,7 +132,8 @@ - ssl_decode_ctx *d=0; - int r,_status; - -- SSLeay_add_all_algorithms(); -+ SSL_library_init(); -+ OpenSSL_add_all_algorithms(); - if(!(d=(ssl_decode_ctx *)malloc(sizeof(ssl_decode_ctx)))) - ABORT(R_NO_MEMORY); - if(!(d->ssl_ctx=SSL_CTX_new(SSLv23_server_method()))) ---- ssldump-0.9b3/ssldump.1 2002-08-13 01:46:53.000000000 +0200 -+++ ssldump-0.9b3/ssldump.1.openssl 2010-01-23 00:26:26.000000000 +0100 -@@ -61,12 +61,9 @@ - .na - .B ssldump - [ --.B \-vtaTnsAxXhHVNdq -+.B \-vTshVq -+.B \-aAdeHnNqTxXvy - ] [ --.B \-r --.I dumpfile --] --[ - .B \-i - .I interface - ] -@@ -81,6 +78,16 @@ - .I password - ] - [ -+.B \-r -+.I dumpfile -+] -+.br -+.ti +8 -+[ -+.B \-S -+.RI [\| crypto \||\| d \||\| ht \||\| H \||\| nroff \|] -+] -+[ - .I expression - ] - .br -@@ -125,6 +132,7 @@ - You must have read access to - .IR /dev/bpf* . - .SH OPTIONS -+.TP - .B \-a - Print bare TCP ACKs (useful for observing Nagle behavior) - .TP -@@ -135,7 +143,7 @@ - .B \-d - Display the application data traffic. This usually means - decrypting it, but when -d is used ssldump will also decode --application data traffic _before_ the SSL session initiates. -+application data traffic \fIbefore\fP the SSL session initiates. - This allows you to see HTTPS CONNECT behavior as well as - SMTP STARTTLS. As a side effect, since ssldump can't tell - whether plaintext is traffic before the initiation of an -@@ -148,18 +156,9 @@ - .B \-e - Print absolute timestamps instead of relative timestamps - .TP --.B \-r --Read data from \fIfile\fP instead of from the network. --The old -f option still works but is deprecated and will --probably be removed with the next version. - .B \-H - Print the full SSL packet header. - .TP --.B \-k --Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format) --Previous versions of ssldump automatically looked in ./server.pem. --Now you must specify your keyfile every time. --.TP - .B \-n - Don't try to resolve host names from IP addresses - .TP -@@ -176,6 +175,12 @@ - .B \-q - Don't decode any record fields beyond a single summary line. (quiet mode). - .TP -+.B \-T -+Print the TCP headers. -+.TP -+.B \-v -+Display version and copyright information. -+.TP - .B \-x - Print each record in hex, as well as decoding it. - .TP -@@ -183,13 +188,48 @@ - When the -d option is used, binary data is automatically printed - in two columns with a hex dump on the left and the printable characters - on the right. -X suppresses the display of the printable characters, --thus making it easier to cut and paste the hext data into some other -+thus making it easier to cut and paste the hex data into some other - program. -+.TP - .B \-y --Decorate the output for processing with troff. Not very -+Decorate the output for processing with nroff/troff. Not very - useful for the average user. - .TP --.IP "\fI expression\fP" -+.BI \-i " interface" -+Use \fIinterface\fP as the network interface on which to sniff SSL/TLS -+traffic. -+.TP -+.BI \-k " keyfile" -+Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format) -+Previous versions of ssldump automatically looked in ./server.pem. -+Now you must specify your keyfile every time. -+.TP -+.BI \-p " password" -+Use \fIpassword\fP as the SSL keyfile password. -+.TP -+.BI \-r " file" -+Read data from \fIfile\fP instead of from the network. -+The old -f option still works but is deprecated and will -+probably be removed with the next version. -+.TP -+.BI \-S " [ " crypto " | " d " | " ht " | " H " ]" -+Specify SSL flags to ssldump. These flags include: -+.RS -+.TP -+.I crypto -+Print cryptographic information. -+.TP -+.I d -+Print fields as decoded. -+.TP -+.I ht -+Print the handshake type. -+.TP -+.I H -+Print handshake type and highlights. -+.RE -+.TP -+\fIexpression\fP - .RS - Selects what packets ssldump will examine. Technically speaking, - ssldump supports the full expression syntax from PCAP and tcpdump. -@@ -200,7 +240,7 @@ - don't result in incomplete TCP streams are listed here. - .LP - The \fIexpression\fP consists of one or more --.I primitives. -+.IR primitives . - Primitives usually consist of an - .I id - (name or number) preceded by one or more qualifiers. There are three -@@ -512,5 +552,11 @@ - .LP - ssldump doesn't implement session caching and therefore can't decrypt - resumed sessions. -- -- -+.LP -+.SH SEE ALSO -+.LP -+.BR tcpdump (1) -+.LP -+.SH AUTHOR -+.LP -+ssldump was written by Eric Rescorla <ekr@rtfm.com>. ---- ssldump-0.9b3/base/pcap-snoop.c 2002-09-09 23:02:58.000000000 +0200 -+++ ssldump-0.9b3/base/pcap-snoop.c.openssl 2010-04-06 16:50:22.000000000 +0200 -@@ -206,7 +206,7 @@ - - signal(SIGINT,sig_handler); - -- while((c=getopt(argc,argv,"vr:f:S:Ttai:k:p:nsAxXhHVNdqem:P"))!=EOF){ -+ while((c=getopt(argc,argv,"vr:f:S:yTtai:k:p:nsAxXhHVNdqem:P"))!=EOF){ - switch(c){ - case 'v': - print_version(); -@@ -227,6 +227,9 @@ - case 'a': - NET_print_flags |= NET_PRINT_ACKS; - break; -+ case 'A': -+ SSL_print_flags |= SSL_PRINT_ALL_FIELDS; -+ break; - case 'T': - NET_print_flags |= NET_PRINT_TCP_HDR; - break; diff --git a/testing/ssldump/0020-libpcap.patch b/testing/ssldump/0020-libpcap.patch deleted file mode 100644 index 10682218d2..0000000000 --- a/testing/ssldump/0020-libpcap.patch +++ /dev/null @@ -1,43 +0,0 @@ -Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3, which -replaces the inclusion of <net/bpf.h> by <pcap-bpf.h> because of changed files. -It adds some 64 bit support in ./configure for lib64 directories around libpcap -and ensures that dynamic linking to libpcap is possible. - ---- ssldump-0.9b3/base/pcap-snoop.c 2010-01-23 00:30:24.000000000 +0100 -+++ ssldump-0.9b3/base/pcap-snoop.c.libpcap 2010-01-23 00:34:11.000000000 +0100 -@@ -49,7 +49,7 @@ - - #include <pcap.h> - #include <unistd.h> --#include <net/bpf.h> -+#include <pcap-bpf.h> - #ifndef _WIN32 - #include <sys/param.h> - #endif ---- ssldump-0.9b3/configure.in 2001-11-26 23:38:13.000000000 +0100 -+++ ssldump-0.9b3/configure.in.libpcap 2010-01-23 00:33:12.000000000 +0100 -@@ -62,7 +62,7 @@ - dnl Look for PCAP - dnl We absolutely need pcap - ac_pcap_inc_dir="/usr/include /usr/include/pcap /usr/local/include" --ac_pcap_lib_dir="/usr/lib /usr/local/lib" -+ac_pcap_lib_dir="/usr/local/lib64 /usr/local/lib /usr/lib64 /usr/lib" - - AC_ARG_WITH(pcap,[--with-pcap root location for pcap library], - if test "$withval" = "no"; then -@@ -102,13 +102,13 @@ - AC_MSG_CHECKING(for PCAP library) - ac_found_pcap_lib_dir="no" - for dir in $ac_pcap_lib_dir; do -- if test -f $dir/libpcap.a; then -+ if test -f $dir/libpcap.a -o -f $dir/libpcap.so; then - dnl Ok, we think we've found them, but check that they - dnl actually ontain the right functions - save_LIBS=$LIBS - save_LDFLAGS=$LDFLAGS - LIBS="-lpcap $LIBS" -- if test "$dir" != "/usr/lib"; then -+ if test "$dir" != "/usr/lib" -a "$dir" != "/usr/lib64"; then - LDFLAGS="-L$dir $LDFLAGS" - fi - AC_TRY_LINK_FUNC(pcap_open_live,ac_linked_libpcap="true", diff --git a/testing/ssldump/0030-aes.patch b/testing/ssldump/0030-aes.patch deleted file mode 100644 index 3965332e8f..0000000000 --- a/testing/ssldump/0030-aes.patch +++ /dev/null @@ -1,191 +0,0 @@ -Patch by Carsten Hoeger <choeger@suse.de> for ssldump >= 0.9b3 which adds support -for AES cipher-suites (to ssldump). For further information, please have a look to -Novell bug ID #50952. - ---- ssldump-0.9b3/ssl/sslciphers.h 2002-08-17 03:33:17.000000000 +0200 -+++ ssldump-0.9b3/ssl/sslciphers.h.aes 2010-04-06 16:34:35.000000000 +0200 -@@ -71,7 +71,9 @@ - #define ENC_RC4 0x32 - #define ENC_RC2 0x33 - #define ENC_IDEA 0x34 --#define ENC_NULL 0x35 -+#define ENC_AES128 0x35 -+#define ENC_AES256 0x36 -+#define ENC_NULL 0x37 - - #define DIG_MD5 0x40 - #define DIG_SHA 0x41 ---- ssldump-0.9b3/ssl/ssl_rec.c 2000-11-03 07:38:06.000000000 +0100 -+++ ssldump-0.9b3/ssl/ssl_rec.c.aes 2010-04-06 16:42:13.000000000 +0200 -@@ -78,7 +78,9 @@ - "DES3", - "RC4", - "RC2", -- "IDEA" -+ "IDEA", -+ "AES128", -+ "AES256" - }; - - -@@ -101,6 +103,11 @@ - /* Find the SSLeay cipher */ - if(cs->enc!=ENC_NULL){ - ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]); -+ if(!ciph) -+ ABORT(R_INTERNAL); -+ } -+ else { -+ ciph=EVP_enc_null(); - } - - if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1))) -@@ -169,7 +176,7 @@ - *outl=inl; - - /* Now strip off the padding*/ -- if(d->cs->block!=1){ -+ if(d->cs->block>1){ - pad=out[inl-1]; - *outl-=(pad+1); - } ---- ssldump-0.9b3/ssl/ssl.enums 2001-07-20 18:44:32.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl.enums.aes 2010-04-06 16:36:06.000000000 +0200 -@@ -356,6 +356,18 @@ - CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 }; - CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A }; - CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B }; -+ CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F }; -+ CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 }; -+ CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 }; -+ CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 }; -+ CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 }; -+ CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 }; -+ CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 }; -+ CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A }; - CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 }; - CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 }; - CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 }; ---- ssldump-0.9b3/ssl/ciphersuites.c 2002-08-17 03:33:17.000000000 +0200 -+++ ssldump-0.9b3/ssl/ciphersuites.c.aes 2010-04-06 16:33:52.000000000 +0200 -@@ -78,10 +78,22 @@ - {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1}, - {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0}, - {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0}, -+ {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0}, - {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1}, - {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1}, - {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1}, -- {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1}, -+ {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1}, - {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1}, - {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1}, - {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0}, ---- ssldump-0.9b3/ssl/ssl.enums.c 2001-07-20 18:44:36.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl.enums.c.aes 2010-04-06 16:40:14.000000000 +0200 -@@ -151,7 +151,7 @@ - "application_data", - decode_ContentType_application_data - }, --{0} -+{-1} - }; - - static int decode_HandshakeType_HelloRequest(ssl,dir,seg,data) -@@ -163,6 +163,7 @@ - - - printf("\n"); -+ return(0); - - } - static int decode_HandshakeType_ClientHello(ssl,dir,seg,data) -@@ -368,6 +369,7 @@ - - - printf("\n"); -+ return(0); - - } - static int decode_HandshakeType_CertificateVerify(ssl,dir,seg,data) -@@ -611,6 +613,54 @@ - "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - 0 }, - { -+ 47, -+ "TLS_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 48, -+ "TLS_DH_DSS_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49, -+ "TLS_DH_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 50, -+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 51, -+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 52, -+ "TLS_DH_anon_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 53, -+ "TLS_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 54, -+ "TLS_DH_DSS_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 55, -+ "TLS_DH_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 56, -+ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 57, -+ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 58, -+ "TLS_DH_anon_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { - 96, - "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5", - 0 }, ---- ssldump-0.9b3/ssl/ssl_enum.c 2000-10-09 07:14:02.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl_enum.c.aes 2010-04-06 16:57:15.000000000 +0200 -@@ -70,7 +70,7 @@ - "application_data", - decode_ContentType_application_data - }, --{0} -+{-1} - }; - - static int decode_HandshakeType_hello_request(ssl,dir,seg,data) diff --git a/testing/ssldump/0040-cvs-20060619.patch b/testing/ssldump/0040-cvs-20060619.patch deleted file mode 100644 index 7b7c6b305d..0000000000 --- a/testing/ssldump/0040-cvs-20060619.patch +++ /dev/null @@ -1,191 +0,0 @@ -Patch by Michael Calmer <mc@suse.de> for ssldump >= 0.9b3 which backports several -fixes and some minor enhancements from upstream CVS 2006-06-19. - ---- ssldump-0.9b3/ssl/sslprint.c 2002-08-17 03:33:17.000000000 +0200 -+++ ssldump-0.9b3/ssl/sslprint.c.cvs 2010-04-06 17:12:40.000000000 +0200 -@@ -248,12 +248,12 @@ - SSL_DECODE_UINT16(ssl,0,0,&d,&length); - - if(d.len!=length){ -- explain(ssl,"Short record\n"); -+ explain(ssl," Short record: %u bytes available (expecting: %u)\n",length,d.len); - return(0); - } - - P_(P_RH){ -- explain(ssl,"V%d.%d(%d)",vermaj,vermin,length); -+ explain(ssl," V%d.%d(%d)",vermaj,vermin,length); - } - - -@@ -262,19 +262,22 @@ - r=ssl_decode_record(ssl,ssl->decoder,direction,ct,version,&d); - - if(r==SSL_BAD_MAC){ -- explain(ssl," bad MAC\n"); -+ explain(ssl," bad MAC\n"); - return(0); - } - - if(r){ -- if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct)) -+ if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct)) { -+ printf(" unknown record type: %d\n", ct); - ERETURN(r); -+ } - printf("\n"); - } - else{ -- if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q, -- &d)) -+ if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q, &d)) { -+ printf(" unknown record type: %d\n", ct); - ERETURN(r); -+ } - } - - return(0); -@@ -369,7 +372,7 @@ - dtable++; - } - -- return(-1); -+ return(R_NOT_FOUND); - } - - int ssl_decode_enum(ssl,name,size,dtable,p,data,x) -@@ -416,8 +419,7 @@ - dtable++; - } - -- explain(ssl,"%s","unknown value"); -- return(0); -+ return(R_NOT_FOUND); - } - - int explain(ssl_obj *ssl,char *format,...) -@@ -535,7 +537,7 @@ - - printf("\n"); - for(i=0;i<d->len;i++){ -- if(!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i])){ -+ if(d->data[i] == 0 || (!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i]))){ - bit8=1; - break; - } -@@ -557,7 +559,8 @@ - else{ - int nl=1; - INDENT; -- printf("---------------------------------------------------------------\n"); if(SSL_print_flags & SSL_PRINT_NROFF){ -+ printf("---------------------------------------------------------------\n"); -+ if(SSL_print_flags & SSL_PRINT_NROFF){ - if(ssl->process_ciphertext & ssl->direction) - printf("\\f[CI]"); - else ---- ssldump-0.9b3/ssl/ssl_analyze.c 2010-04-06 16:58:23.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl_analyze.c.cvs 2010-04-06 17:08:22.000000000 +0200 -@@ -359,12 +359,16 @@ - case 23: - break; - default: -- printf("Unknown SSL content type %d\n",q->data[0] & 255); -- ABORT(R_INTERNAL); -+ DBG((0,"Unknown SSL content type %d for segment %u:%u(%u)", -+ q->data[0] & 255,seg->s_seq,seg->s_seq+seg->len,seg->len)); - } - - rec_len=COMBINE(q->data[3],q->data[4]); - -+ /* SSL v3.0 spec says a record may not exceed 2**14 + 2048 == 18432 */ -+ if(rec_len > 18432) -+ ABORT(R_INTERNAL); -+ - /*Expand the buffer*/ - if(q->_allocated<(rec_len+SSL_HEADER_SIZE)){ - if(!(q->data=realloc(q->data,rec_len+5))) ---- ssldump-0.9b3/base/tcppack.c 2002-09-09 23:02:58.000000000 +0200 -+++ ssldump-0.9b3/base/tcppack.c.cvs 2010-04-06 17:06:46.000000000 +0200 -@@ -95,11 +95,11 @@ - proper order. This shouldn't be a problem, though, - except for simultaneous connects*/ - if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=TH_SYN){ -- DBG((0,"TCP: rejecting packet from unknown connection\n")); -+ DBG((0,"TCP: rejecting packet from unknown connection, seq: %u\n",ntohl(p->tcp->th_seq))); - return(0); - } - -- DBG((0,"SYN1\n")); -+ DBG((0,"SYN1 seq: %u",ntohl(p->tcp->th_seq))); - if(r=new_connection(handler,ctx,p,&conn)) - ABORT(r); - conn->i2r.seq=ntohl(p->tcp->th_seq)+1; -@@ -117,14 +117,14 @@ - conn->r2i.seq=ntohl(p->tcp->th_seq)+1; - conn->r2i.ack=ntohl(p->tcp->th_ack)+1; - conn->state=TCP_STATE_SYN2; -- DBG((0,"SYN2\n")); -+ DBG((0,"SYN2 seq: %u",ntohl(p->tcp->th_seq))); - break; - case TCP_STATE_SYN2: - { - char *sn=0,*dn=0; - if(direction != DIR_I2R) - break; -- DBG((0,"ACK\n")); -+ DBG((0,"ACK seq: %u",ntohl(p->tcp->th_seq))); - conn->i2r.ack=ntohl(p->tcp->th_ack)+1; - lookuphostname(&conn->i_addr,&sn); - lookuphostname(&conn->r_addr,&dn); -@@ -228,7 +228,8 @@ - l=p->len - p->tcp->th_off * 4; - - if(stream->close){ -- DBG((0,"Rejecting packet received after FIN")); -+ DBG((0,"Rejecting packet received after FIN: %u:%u(%u)", -+ ntohl(p->tcp->th_seq),ntohl(p->tcp->th_seq+l),l)); - return(0); - } - -@@ -341,20 +342,26 @@ - if(conn->state == TCP_STATE_ESTABLISHED) - conn->state=TCP_STATE_FIN1; - else -- conn->state=TCP_STATE_CLOSED; -+ conn->state=TCP_STATE_CLOSED; - } - - stream->oo_queue=seg->next; - seg->next=0; - stream->seq=seg->s_seq + seg->len; - -- if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction)) -+ DBG((0,"Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len)); -+ if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction)) { -+ DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len)); - ABORT(r); -+ } - } - - if(stream->close){ -- if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction)) -- ABORT(r); -+ DBG((0,"Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len)); -+ if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction)) { -+ DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len)); -+ ABORT(r); -+ } - } - - free_tcp_segment_queue(_seg.next); ---- ssldump-0.9b3/common/lib/r_assoc.c 2001-12-24 07:06:26.000000000 +0100 -+++ ssldump-0.9b3/common/lib/r_assoc.c.cvs 2010-04-06 17:01:11.000000000 +0200 -@@ -306,7 +306,7 @@ - ABORT(R_NO_MEMORY); - for(i=0;i<new->size;i++){ - if(r=copy_assoc_chain(new->chains+i,old->chains[i])) -- ABORT(r); -+ ABORT(R_NO_MEMORY); - } - *newp=new; - diff --git a/testing/ssldump/0050-table-stops.patch b/testing/ssldump/0050-table-stops.patch deleted file mode 100644 index f3f7920e87..0000000000 --- a/testing/ssldump/0050-table-stops.patch +++ /dev/null @@ -1,54 +0,0 @@ -Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3, which is -changing the decoder table ends from 0 to -1 to match the expected value of table -search routines. Without this patch, ssldump segfaults at latest after some time -of usage when decoding unknown enumerated values. For further information, please -have a look to Red Hat Bugzilla, bug ID #747398. - ---- ssldump-0.9b3/ssl/ssl.enums.c 2011-10-24 22:33:03.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl.enums.c.table-stops 2011-10-24 22:34:20.000000000 +0200 -@@ -500,7 +500,7 @@ - "Finished", - decode_HandshakeType_Finished - }, --{0} -+{-1} - }; - - decoder cipher_suite_decoder[]={ -@@ -778,7 +778,7 @@ - "fatal", - decode_AlertLevel_fatal - }, --{0} -+{-1} - }; - - static int decode_AlertDescription_close_notify(ssl,dir,seg,data) -@@ -1081,7 +1081,7 @@ - "no_renegotiation", - decode_AlertDescription_no_renegotiation - }, --{0} -+{-1} - }; - - decoder compression_method_decoder[]={ -@@ -1145,6 +1145,6 @@ - "dss_fixed_dh", - decode_client_certificate_type_dss_fixed_dh - }, --{0} -+{-1} - }; - ---- ssldump-0.9b3/ssl/ssl_enum.c 2011-10-24 22:33:03.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl_enum.c.table-stops 2011-10-24 22:34:44.000000000 +0200 -@@ -260,7 +260,7 @@ - "finished", - decode_HandshakeType_finished - }, --{0} -+{-1} - }; - - decoder cipher_suite_decoder[]={ diff --git a/testing/ssldump/0060-link_layer.patch b/testing/ssldump/0060-link_layer.patch deleted file mode 100644 index 0b4df7cd66..0000000000 --- a/testing/ssldump/0060-link_layer.patch +++ /dev/null @@ -1,91 +0,0 @@ -Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3 which adds -some further link layer offsets; inspirated from the original DLT_LINUX_SLL patch -by PeBek at http://sourceforge.net/p/ssldump/patches/6/. - ---- ssldump-0.9b3/base/pcap-snoop.c 2014-05-04 02:02:58.000000000 +0200 -+++ ssldump-0.9b3/base/pcap-snoop.c.link_layer 2014-05-04 02:20:21.000000000 +0200 -@@ -136,6 +136,10 @@ - len=hdr->len; - - switch(pcap_if_type){ -+ case DLT_RAW: -+#ifdef DLT_LOOP -+ case DLT_LOOP: -+#endif - case DLT_NULL: - data+=4; - len-=4; -@@ -158,6 +162,73 @@ - return; - - break; -+ case DLT_IEEE802: -+ data+=22; -+ len-=22; -+ break; -+ case DLT_FDDI: -+ data+=21; -+ len-=21; -+ break; -+#ifdef __amigaos__ -+ case DLT_MIAMI: -+ data+=16; -+ len-=16; -+ break; -+#endif -+ case DLT_SLIP: -+#ifdef DLT_SLIP_BSDOS -+ case DLT_SLIP_BSDOS: -+#endif -+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) -+ data+=16; -+ len-=16; -+#else -+ data+=24; -+ len-=24; -+#endif -+ break; -+ case DLT_PPP: -+#ifdef DLT_PPP_BSDOS -+ case DLT_PPP_BSDOS: -+#endif -+#ifdef DLT_PPP_SERIAL -+ case DLT_PPP_SERIAL: -+#endif -+#ifdef DLT_PPP_ETHER -+ case DLT_PPP_ETHER: -+#endif -+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) -+ data+=4; -+ len-=4; -+#else -+#if defined(sun) || defined(__sun) -+ data+=8; -+ len-=8; -+#else -+ data+=24; -+ len-=24; -+#endif -+#endif -+ break; -+#ifdef DLT_ENC -+ case DLT_ENC: -+ data+=12; -+ len-=12; -+ break; -+#endif -+#ifdef DLT_LINUX_SLL -+ case DLT_LINUX_SLL: -+ data+=16; -+ len-=16; -+ break; -+#endif -+#ifdef DLT_IPNET -+ case DLT_IPNET: -+ data+=24; -+ len-=24; -+ break; -+#endif - } - network_process_packet(n,&hdr->ts,data,len); - } diff --git a/testing/ssldump/0070-pcap-vlan.patch b/testing/ssldump/0070-pcap-vlan.patch deleted file mode 100644 index 1c58d87c60..0000000000 --- a/testing/ssldump/0070-pcap-vlan.patch +++ /dev/null @@ -1,36 +0,0 @@ -Patch by David Holmes <dholmesf5@users.sourceforge.net> for ssldump >= 0.9b3 which -adds a filter to include traffic with or without the 802.1Q VLAN header. - ---- ssldump-0.9b3/base/pcap-snoop.c 2014-05-04 02:20:21.000000000 +0200 -+++ ssldump-0.9b3/base/pcap-snoop.c.pcap-vlan 2014-05-04 05:22:43.000000000 +0200 -@@ -385,6 +385,30 @@ - if(filter){ - struct bpf_program fp; - -+ /* (F5 patch) -+ * reformat filter to include traffic with or without the 802.1q -+ * vlan header. for example, "port 80" becomes: -+ * "( port 80 ) or ( vlan and port 80 )". -+ * note that if the filter includes the literals vlan, tagged, or -+ * untagged, then it is assumed that the user knows what she is -+ * doing, and the filter is not reformatted. -+ */ -+ if ((pcap_datalink(p) == DLT_EN10MB) && -+ (filter != NULL) && -+ (strstr(filter,"vlan") == NULL)) { -+ char *tmp_filter; -+ char *fmt = "( (not ether proto 0x8100) and (%s) ) or ( vlan and (%s) )"; -+ -+ tmp_filter = (char *)malloc((strlen(filter) * 2) + strlen(fmt) + 1); -+ if (tmp_filter == NULL) { -+ fprintf(stderr,"PCAP: malloc failed\n"); -+ err_exit("Aborting",-1); -+ } -+ -+ sprintf(tmp_filter,fmt,filter,filter); -+ filter = tmp_filter; -+ } -+ - if(pcap_compile(p,&fp,filter,0,netmask)<0) - verr_exit("PCAP: %s\n",pcap_geterr(p)); - diff --git a/testing/ssldump/0080-tlsv12.patch b/testing/ssldump/0080-tlsv12.patch deleted file mode 100644 index fae15c85b2..0000000000 --- a/testing/ssldump/0080-tlsv12.patch +++ /dev/null @@ -1,218 +0,0 @@ -Patch by David Holmes <dholmesf5@users.sourceforge.net> (revised by Paul Aurich -<darkrain@users.sourceforge.net>, minor changes for compilation by Robert Scheck -<robert@fedoraproject.org>) for ssldump >= 0.9b3 which adds TLSv1.1 and TLSv1.2 -application data decrypt support. For further information please have a look to -http://sourceforge.net/p/ssldump/patches/8/. - ---- ssldump-0.9b3/ssl/ssl_rec.c 2014-05-04 02:02:58.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl_rec.c.tlsv12 2014-05-04 05:30:22.000000000 +0200 -@@ -68,19 +68,28 @@ - }; - - --static char *digests[]={ -+char *digests[]={ - "MD5", - "SHA1" -+ "SHA224", -+ "SHA256", -+ "SHA384", -+ "SHA512", -+ NULL - }; - --static char *ciphers[]={ -+char *ciphers[]={ - "DES", -- "DES3", -+ "3DES", - "RC4", - "RC2", - "IDEA", - "AES128", -- "AES256" -+ "AES256", -+ "CAMELLIA128", -+ "CAMELLIA256", -+ "SEED", -+ NULL - }; - - -@@ -192,6 +201,19 @@ - ERETURN(r); - } - else{ -+ /* TLS 1.1 and beyond: remove explicit IV, only used with -+ * non-stream ciphers. */ -+ if (ssl->version>=0x0302 && ssl->cs->block > 1) { -+ UINT4 blk = ssl->cs->block; -+ if (blk <= *outl) { -+ *outl-=blk; -+ memmove(out, out+blk, *outl); -+ } -+ else { -+ DBG((0,"Block size greater than Plaintext!")); -+ ERETURN(SSL_BAD_MAC); -+ } -+ } - if(r=tls_check_mac(d,ct,version,out,*outl,mac)) - ERETURN(r); - } -@@ -231,7 +253,7 @@ - HMAC_CTX hm; - const EVP_MD *md; - UINT4 l; -- UCHAR buf[20]; -+ UCHAR buf[128]; - - md=EVP_get_digestbyname(digests[d->cs->dig-0x40]); - HMAC_Init(&hm,d->mac_key->data,d->mac_key->len,md); ---- ssldump-0.9b3/ssl/sslciphers.h 2014-05-04 02:02:58.000000000 +0200 -+++ ssldump-0.9b3/ssl/sslciphers.h.tlsv12 2014-05-04 05:07:20.000000000 +0200 -@@ -73,10 +73,17 @@ - #define ENC_IDEA 0x34 - #define ENC_AES128 0x35 - #define ENC_AES256 0x36 --#define ENC_NULL 0x37 -+#define ENC_CAMELLIA128 0x37 -+#define ENC_CAMELLIA256 0x38 -+#define ENC_SEED 0x39 -+#define ENC_NULL 0x3a - - #define DIG_MD5 0x40 - #define DIG_SHA 0x41 -+#define DIG_SHA224 0x42 /* Not sure why EKR didn't follow RFC for */ -+#define DIG_SHA256 0x43 /* these values, but whatever, just adding on */ -+#define DIG_SHA384 0x44 -+#define DIG_SHA512 0x45 - - int ssl_find_cipher PROTO_LIST((int num,SSL_CipherSuite **cs)); - ---- ssldump-0.9b3/ssl/ssldecode.c 2014-05-04 02:02:58.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssldecode.c.tlsv12 2014-05-04 05:29:43.000000000 +0200 -@@ -61,11 +61,14 @@ - - #define PRF(ssl,secret,usage,rnd1,rnd2,out) (ssl->version==SSLV3_VERSION)? \ - ssl3_prf(ssl,secret,usage,rnd1,rnd2,out): \ -- tls_prf(ssl,secret,usage,rnd1,rnd2,out) -+ ((ssl->version == TLSV12_VERSION) ? \ -+ tls12_prf(ssl,secret,usage,rnd1,rnd2,out): \ -+ tls_prf(ssl,secret,usage,rnd1,rnd2,out)) - - - static char *ssl_password; - -+extern char *digests; - extern UINT4 SSL_print_flags; - - struct ssl_decode_ctx_ { -@@ -98,6 +101,8 @@ - #ifdef OPENSSL - static int tls_P_hash PROTO_LIST((ssl_obj *ssl,Data *secret,Data *seed, - const EVP_MD *md,Data *out)); -+static int tls12_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage, -+ Data *rnd1,Data *rnd2,Data *out)); - static int tls_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage, - Data *rnd1,Data *rnd2,Data *out)); - static int ssl3_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage, -@@ -432,10 +437,9 @@ - - switch(ssl->version){ - case SSLV3_VERSION: -- if(r=ssl_generate_keying_material(ssl,d)) -- ABORT(r); -- break; - case TLSV1_VERSION: -+ case TLSV11_VERSION: -+ case TLSV12_VERSION: - if(r=ssl_generate_keying_material(ssl,d)) - ABORT(r); - break; -@@ -535,10 +539,9 @@ - - switch(ssl->version){ - case SSLV3_VERSION: -- if(r=ssl_generate_keying_material(ssl,d)) -- ABORT(r); -- break; - case TLSV1_VERSION: -+ case TLSV11_VERSION: -+ case TLSV12_VERSION: - if(r=ssl_generate_keying_material(ssl,d)) - ABORT(r); - break; -@@ -572,7 +575,7 @@ - int left=out->len; - int tocpy; - UCHAR *A; -- UCHAR _A[20],tmp[20]; -+ UCHAR _A[128],tmp[128]; - unsigned int A_l,tmp_l; - HMAC_CTX hm; - -@@ -665,6 +668,53 @@ - - } - -+static int tls12_prf(ssl,secret,usage,rnd1,rnd2,out) -+ ssl_obj *ssl; -+ Data *secret; -+ char *usage; -+ Data *rnd1; -+ Data *rnd2; -+ Data *out; -+ -+ { -+ const EVP_MD *md; -+ int r,_status; -+ Data *sha_out=0; -+ Data *seed; -+ UCHAR *ptr; -+ int i, dgi; -+ -+ if(r=r_data_alloc(&sha_out,MAX(out->len,64))) /* assume max SHA512 */ -+ ABORT(r); -+ if(r=r_data_alloc(&seed,strlen(usage)+rnd1->len+rnd2->len)) -+ ABORT(r); -+ ptr=seed->data; -+ memcpy(ptr,usage,strlen(usage)); ptr+=strlen(usage); -+ memcpy(ptr,rnd1->data,rnd1->len); ptr+=rnd1->len; -+ memcpy(ptr,rnd2->data,rnd2->len); ptr+=rnd2->len; -+ -+ /* Earlier versions of openssl didn't have SHA256 of course... */ -+ dgi = MAX(DIG_SHA256, ssl->cs->dig)-0x40; -+ if ((md=EVP_get_digestbyname(digests[dgi])) == NULL) { -+ DBG((0,"Cannot get EVP for digest %s, openssl library current?", -+ digests[dgi])); -+ ERETURN(SSL_BAD_MAC); -+ } -+ if(r=tls_P_hash(ssl,secret,seed,md,sha_out)) -+ ABORT(r); -+ -+ for(i=0;i<out->len;i++) -+ out->data[i]=sha_out->data[i]; -+ -+ CRDUMPD("PRF out",out); -+ _status=0; -+ abort: -+ r_data_destroy(&sha_out); -+ r_data_destroy(&seed); -+ return(_status); -+ -+ } -+ - static int ssl3_generate_export_iv(ssl,r1,r2,out) - ssl_obj *ssl; - Data *r1; ---- ssldump-0.9b3/ssl/ssl_h.h 2002-08-17 03:33:17.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl_h.h.tlsv12 2014-05-04 05:17:30.000000000 +0200 -@@ -121,6 +121,8 @@ - - #define SSLV3_VERSION 0x300 - #define TLSV1_VERSION 0x301 -+#define TLSV11_VERSION 0x302 -+#define TLSV12_VERSION 0x303 - - /*State defines*/ - #define SSL_ST_SENT_NOTHING 0 diff --git a/testing/ssldump/0090-ssl-enums.patch b/testing/ssldump/0090-ssl-enums.patch deleted file mode 100644 index ed2854833a..0000000000 --- a/testing/ssldump/0090-ssl-enums.patch +++ /dev/null @@ -1,1806 +0,0 @@ -Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3 which is -updating the known cipher suites according to IANA. Note that the diff of second -file has been generated using "grep ' CipherSuite ' ssl/ssl.enums > ssl-enums" and -"python ssl-util.py". The helper script is based on a script by Mike Tigas, see -also https://gist.github.com/mtigas/5969597#file-5-conv-py for the helper script. - ---- snipp ssl-util.py --- -#!/usr/bin/env python -import re - -r = re.compile(r'\s+CipherSuite\s+(?P<proto>(?:TLS|SSL)_\w+)\s+=\s+\{\s+0x(?P<high>[0-9a-fA-F]{2}),0x(?P<low>[0-9a-fA-F]{2})\s+\};') -if __name__ == "__main__": - f = open('ssl-enums', 'rb') - for line in f: - res = r.search(line) - if res: - data = res.groupdict() - val = '0x%s%s' % (data['high'], data['low']) - proto = data['proto'] - print "\t{\n\t\t%d,\n\t\t\"%s\",\n\t\t0\t}," % (int(val, 16), proto) - else: - raise Exception ---- snapp ssl-util.py --- - ---- ssldump-0.9b3/ssl/ssl.enums 2014-05-04 02:02:58.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl.enums.ssl-enums 2014-05-04 14:34:29.000000000 +0200 -@@ -329,67 +329,370 @@ - } HandshakeType; - - constant { -- CipherSuite TLS_RSA_WITH_NULL_MD5 = { 0x00,0x01 }; -- CipherSuite TLS_RSA_WITH_NULL_SHA = { 0x00,0x02 }; -- CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x03 }; -- CipherSuite TLS_RSA_WITH_RC4_128_MD5 = { 0x00,0x04 }; -- CipherSuite TLS_RSA_WITH_RC4_128_SHA = { 0x00,0x05 }; -- CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x06 }; -- CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00,0x07 }; -- CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x08 }; -- CipherSuite TLS_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 }; -- CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A }; -- CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0B }; -- CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA = { 0x00,0x0C }; -- CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0D }; -- CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0E }; -- CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA = { 0x00,0x0F }; -- CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x10 }; -- CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x11 }; -- CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA = { 0x00,0x12 }; -- CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x13 }; -- CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x14 }; -- CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA = { 0x00,0x15 }; -- CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 }; -- CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x17 }; -- CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 = { 0x00,0x18 }; -- CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 }; -- CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A }; -- CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B }; -- CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F }; -- CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 }; -- CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 }; -- CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 }; -- CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 }; -- CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 }; -- CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 }; -- CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 }; -- CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 }; -- CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 }; -- CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 }; -- CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A }; -- CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 }; -- CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 }; -- CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 }; -- CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x63 }; -- CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x64 }; -- CipherSuite TLS_DHE_DSS_WITH_RC2_56_CBC_SHA = { 0x00,0x65 }; -- CipherSuite TLS_DHE_DSS_WITH_RC4_128_SHA = { 0x00,0x66 }; -- CipherSuite TLS_DHE_DSS_WITH_NULL_SHA = { 0x00,0x67 }; -- CipherSuite SSL2_CK_RC4 = { 0x01,0x00,0x80}; -- CipherSuite SSL2_CK_RC4_EXPORT40 = { 0x02,0x00,0x80}; -- CipherSuite SSL2_CK_RC2 = { 0x03,0x00,0x80}; -- CipherSuite SSL2_CK_RC2_EXPORT40 = { 0x04,0x00,0x80}; -- CipherSuite SSL2_CK_IDEA = { 0x05,0x00,0x80}; -- CipherSuite SSL2_CK_DES = { 0x06,0x00,0x40}; -- CipherSuite SSL2_CK_RC464 = { 0x08,0x00,0x80}; -- CipherSuite SSL2_CK_3DES = { 0x07,0x00,0xc0}; -- CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = {0x00,0x4a}; -- CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = {0x00,0x48}; -- CipherSuite SSL_RSA_WITH_RC2_CBC_MD5 = {0xff,0x80}; -- CipherSuite TLS_ECDH_ECDSA_WITH_DES_CBC_SHA = {0x00,0x49}; -- CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA={0xff,0x85}; -- CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA={0xff,0x84}; -+ // https://www.iana.org/assignments/tls-parameters/tls-parameters.txt -+ CipherSuite TLS_NULL_WITH_NULL_NULL = { 0x00,0x00 }; -+ CipherSuite TLS_RSA_WITH_NULL_MD5 = { 0x00,0x01 }; -+ CipherSuite TLS_RSA_WITH_NULL_SHA = { 0x00,0x02 }; -+ CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x03 }; -+ CipherSuite TLS_RSA_WITH_RC4_128_MD5 = { 0x00,0x04 }; -+ CipherSuite TLS_RSA_WITH_RC4_128_SHA = { 0x00,0x05 }; -+ CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x06 }; -+ CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00,0x07 }; -+ CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x08 }; -+ CipherSuite TLS_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 }; -+ CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A }; -+ CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0B }; -+ CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA = { 0x00,0x0C }; -+ CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0D }; -+ CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0E }; -+ CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA = { 0x00,0x0F }; -+ CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x10 }; -+ CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x11 }; -+ CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA = { 0x00,0x12 }; -+ CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x13 }; -+ CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x14 }; -+ CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA = { 0x00,0x15 }; -+ CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 }; -+ CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x17 }; -+ CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 = { 0x00,0x18 }; -+ CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 }; -+ CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A }; -+ CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B }; -+ CipherSuite TLS_KRB5_WITH_DES_CBC_SHA = { 0x00,0x1E }; -+ CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1F }; -+ CipherSuite TLS_KRB5_WITH_RC4_128_SHA = { 0x00,0x20 }; -+ CipherSuite TLS_KRB5_WITH_IDEA_CBC_SHA = { 0x00,0x21 }; -+ CipherSuite TLS_KRB5_WITH_DES_CBC_MD5 = { 0x00,0x22 }; -+ CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_MD5 = { 0x00,0x23 }; -+ CipherSuite TLS_KRB5_WITH_RC4_128_MD5 = { 0x00,0x24 }; -+ CipherSuite TLS_KRB5_WITH_IDEA_CBC_MD5 = { 0x00,0x25 }; -+ CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA = { 0x00,0x26 }; -+ CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA = { 0x00,0x27 }; -+ CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_SHA = { 0x00,0x28 }; -+ CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 = { 0x00,0x29 }; -+ CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x2A }; -+ CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x2B }; -+ CipherSuite TLS_PSK_WITH_NULL_SHA = { 0x00,0x2C }; -+ CipherSuite TLS_DHE_PSK_WITH_NULL_SHA = { 0x00,0x2D }; -+ CipherSuite TLS_RSA_PSK_WITH_NULL_SHA = { 0x00,0x2E }; -+ CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F }; -+ CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 }; -+ CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 }; -+ CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 }; -+ CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 }; -+ CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 }; -+ CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 }; -+ CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A }; -+ CipherSuite TLS_RSA_WITH_NULL_SHA256 = { 0x00,0x3B }; -+ CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x3C }; -+ CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x3D }; -+ CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = { 0x00,0x3E }; -+ CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x3F }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = { 0x00,0x40 }; -+ CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x41 }; -+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x42 }; -+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x43 }; -+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x44 }; -+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x45 }; -+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x46 }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x67 }; -+ CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = { 0x00,0x68 }; -+ CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x69 }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = { 0x00,0x6A }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x6B }; -+ CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA256 = { 0x00,0x6C }; -+ CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA256 = { 0x00,0x6D }; -+ CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x84 }; -+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x85 }; -+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x86 }; -+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x87 }; -+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x88 }; -+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x89 }; -+ CipherSuite TLS_PSK_WITH_RC4_128_SHA = { 0x00,0x8A }; -+ CipherSuite TLS_PSK_WITH_3DES_EDE_CBC_SHA = { 0x00,0x8B }; -+ CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA = { 0x00,0x8C }; -+ CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA = { 0x00,0x8D }; -+ CipherSuite TLS_DHE_PSK_WITH_RC4_128_SHA = { 0x00,0x8E }; -+ CipherSuite TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = { 0x00,0x8F }; -+ CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA = { 0x00,0x90 }; -+ CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA = { 0x00,0x91 }; -+ CipherSuite TLS_RSA_PSK_WITH_RC4_128_SHA = { 0x00,0x92 }; -+ CipherSuite TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = { 0x00,0x93 }; -+ CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA = { 0x00,0x94 }; -+ CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA = { 0x00,0x95 }; -+ CipherSuite TLS_RSA_WITH_SEED_CBC_SHA = { 0x00,0x96 }; -+ CipherSuite TLS_DH_DSS_WITH_SEED_CBC_SHA = { 0x00,0x97 }; -+ CipherSuite TLS_DH_RSA_WITH_SEED_CBC_SHA = { 0x00,0x98 }; -+ CipherSuite TLS_DHE_DSS_WITH_SEED_CBC_SHA = { 0x00,0x99 }; -+ CipherSuite TLS_DHE_RSA_WITH_SEED_CBC_SHA = { 0x00,0x9A }; -+ CipherSuite TLS_DH_anon_WITH_SEED_CBC_SHA = { 0x00,0x9B }; -+ CipherSuite TLS_RSA_WITH_AES_128_GCM_SHA256 = { 0x00,0x9C }; -+ CipherSuite TLS_RSA_WITH_AES_256_GCM_SHA384 = { 0x00,0x9D }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = { 0x00,0x9E }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = { 0x00,0x9F }; -+ CipherSuite TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = { 0x00,0xA0 }; -+ CipherSuite TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = { 0x00,0xA1 }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = { 0x00,0xA2 }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = { 0x00,0xA3 }; -+ CipherSuite TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = { 0x00,0xA4 }; -+ CipherSuite TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = { 0x00,0xA5 }; -+ CipherSuite TLS_DH_anon_WITH_AES_128_GCM_SHA256 = { 0x00,0xA6 }; -+ CipherSuite TLS_DH_anon_WITH_AES_256_GCM_SHA384 = { 0x00,0xA7 }; -+ CipherSuite TLS_PSK_WITH_AES_128_GCM_SHA256 = { 0x00,0xA8 }; -+ CipherSuite TLS_PSK_WITH_AES_256_GCM_SHA384 = { 0x00,0xA9 }; -+ CipherSuite TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = { 0x00,0xAA }; -+ CipherSuite TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = { 0x00,0xAB }; -+ CipherSuite TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = { 0x00,0xAC }; -+ CipherSuite TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = { 0x00,0xAD }; -+ CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA256 = { 0x00,0xAE }; -+ CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA384 = { 0x00,0xAF }; -+ CipherSuite TLS_PSK_WITH_NULL_SHA256 = { 0x00,0xB0 }; -+ CipherSuite TLS_PSK_WITH_NULL_SHA384 = { 0x00,0xB1 }; -+ CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = { 0x00,0xB2 }; -+ CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = { 0x00,0xB3 }; -+ CipherSuite TLS_DHE_PSK_WITH_NULL_SHA256 = { 0x00,0xB4 }; -+ CipherSuite TLS_DHE_PSK_WITH_NULL_SHA384 = { 0x00,0xB5 }; -+ CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = { 0x00,0xB6 }; -+ CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = { 0x00,0xB7 }; -+ CipherSuite TLS_RSA_PSK_WITH_NULL_SHA256 = { 0x00,0xB8 }; -+ CipherSuite TLS_RSA_PSK_WITH_NULL_SHA384 = { 0x00,0xB9 }; -+ CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBA }; -+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBB }; -+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBC }; -+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBD }; -+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBE }; -+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBF }; -+ CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC0 }; -+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC1 }; -+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC2 }; -+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC3 }; -+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC4 }; -+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC5 }; -+ CipherSuite TLS_EMPTY_RENEGOTIATION_INFO_SCSV = { 0x00,0xFF }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA = { 0xC0,0x01 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = { 0xC0,0x02 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x03 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = { 0xC0,0x04 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = { 0xC0,0x05 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_NULL_SHA = { 0xC0,0x06 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = { 0xC0,0x07 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x08 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = { 0xC0,0x09 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = { 0xC0,0x0A }; -+ CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA = { 0xC0,0x0B }; -+ CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA = { 0xC0,0x0C }; -+ CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x0D }; -+ CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = { 0xC0,0x0E }; -+ CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = { 0xC0,0x0F }; -+ CipherSuite TLS_ECDHE_RSA_WITH_NULL_SHA = { 0xC0,0x10 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_RC4_128_SHA = { 0xC0,0x11 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x12 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = { 0xC0,0x13 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = { 0xC0,0x14 }; -+ CipherSuite TLS_ECDH_anon_WITH_NULL_SHA = { 0xC0,0x15 }; -+ CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA = { 0xC0,0x16 }; -+ CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x17 }; -+ CipherSuite TLS_ECDH_anon_WITH_AES_128_CBC_SHA = { 0xC0,0x18 }; -+ CipherSuite TLS_ECDH_anon_WITH_AES_256_CBC_SHA = { 0xC0,0x19 }; -+ CipherSuite TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1A }; -+ CipherSuite TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1B }; -+ CipherSuite TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1C }; -+ CipherSuite TLS_SRP_SHA_WITH_AES_128_CBC_SHA = { 0xC0,0x1D }; -+ CipherSuite TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = { 0xC0,0x1E }; -+ CipherSuite TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = { 0xC0,0x1F }; -+ CipherSuite TLS_SRP_SHA_WITH_AES_256_CBC_SHA = { 0xC0,0x20 }; -+ CipherSuite TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = { 0xC0,0x21 }; -+ CipherSuite TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = { 0xC0,0x22 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x23 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x24 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x25 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x26 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x27 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x28 }; -+ CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x29 }; -+ CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x2A }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x2B }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x2C }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x2D }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x2E }; -+ CipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x2F }; -+ CipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x30 }; -+ CipherSuite TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x31 }; -+ CipherSuite TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x32 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_RC4_128_SHA = { 0xC0,0x33 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x34 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = { 0xC0,0x35 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = { 0xC0,0x36 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = { 0xC0,0x37 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = { 0xC0,0x38 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA = { 0xC0,0x39 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA256 = { 0xC0,0x3A }; -+ CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA384 = { 0xC0,0x3B }; -+ CipherSuite TLS_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x3C }; -+ CipherSuite TLS_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x3D }; -+ CipherSuite TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x3E }; -+ CipherSuite TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x3F }; -+ CipherSuite TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x40 }; -+ CipherSuite TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x41 }; -+ CipherSuite TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x42 }; -+ CipherSuite TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x43 }; -+ CipherSuite TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x44 }; -+ CipherSuite TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x45 }; -+ CipherSuite TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x46 }; -+ CipherSuite TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x47 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x48 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x49 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x4A }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x4B }; -+ CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x4C }; -+ CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x4D }; -+ CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x4E }; -+ CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x4F }; -+ CipherSuite TLS_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x50 }; -+ CipherSuite TLS_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x51 }; -+ CipherSuite TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x52 }; -+ CipherSuite TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x53 }; -+ CipherSuite TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x54 }; -+ CipherSuite TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x55 }; -+ CipherSuite TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x56 }; -+ CipherSuite TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x57 }; -+ CipherSuite TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x58 }; -+ CipherSuite TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x59 }; -+ CipherSuite TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x5A }; -+ CipherSuite TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x5B }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x5C }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x5D }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x5E }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x5F }; -+ CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x60 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x61 }; -+ CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x62 }; -+ CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x63 }; -+ CipherSuite TLS_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x64 }; -+ CipherSuite TLS_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x65 }; -+ CipherSuite TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x66 }; -+ CipherSuite TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x67 }; -+ CipherSuite TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x68 }; -+ CipherSuite TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x69 }; -+ CipherSuite TLS_PSK_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x6A }; -+ CipherSuite TLS_PSK_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x6B }; -+ CipherSuite TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x6C }; -+ CipherSuite TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x6D }; -+ CipherSuite TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x6E }; -+ CipherSuite TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x6F }; -+ CipherSuite TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x70 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x71 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x72 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x73 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x74 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x75 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x76 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x77 }; -+ CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x78 }; -+ CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x79 }; -+ CipherSuite TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x7A }; -+ CipherSuite TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x7B }; -+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x7C }; -+ CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x7D }; -+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x7E }; -+ CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x7F }; -+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x80 }; -+ CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x81 }; -+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x82 }; -+ CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x83 }; -+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x84 }; -+ CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x85 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x86 }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x87 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x88 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x89 }; -+ CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x8A }; -+ CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x8B }; -+ CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x8C }; -+ CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x8D }; -+ CipherSuite TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x8E }; -+ CipherSuite TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x8F }; -+ CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x90 }; -+ CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x91 }; -+ CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x92 }; -+ CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x93 }; -+ CipherSuite TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x94 }; -+ CipherSuite TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x95 }; -+ CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x96 }; -+ CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x97 }; -+ CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x98 }; -+ CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x99 }; -+ CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x9A }; -+ CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x9B }; -+ CipherSuite TLS_RSA_WITH_AES_128_CCM = { 0xC0,0x9C }; -+ CipherSuite TLS_RSA_WITH_AES_256_CCM = { 0xC0,0x9D }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM = { 0xC0,0x9E }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM = { 0xC0,0x9F }; -+ CipherSuite TLS_RSA_WITH_AES_128_CCM_8 = { 0xC0,0xA0 }; -+ CipherSuite TLS_RSA_WITH_AES_256_CCM_8 = { 0xC0,0xA1 }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM_8 = { 0xC0,0xA2 }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM_8 = { 0xC0,0xA3 }; -+ CipherSuite TLS_PSK_WITH_AES_128_CCM = { 0xC0,0xA4 }; -+ CipherSuite TLS_PSK_WITH_AES_256_CCM = { 0xC0,0xA5 }; -+ CipherSuite TLS_DHE_PSK_WITH_AES_128_CCM = { 0xC0,0xA6 }; -+ CipherSuite TLS_DHE_PSK_WITH_AES_256_CCM = { 0xC0,0xA7 }; -+ CipherSuite TLS_PSK_WITH_AES_128_CCM_8 = { 0xC0,0xA8 }; -+ CipherSuite TLS_PSK_WITH_AES_256_CCM_8 = { 0xC0,0xA9 }; -+ CipherSuite TLS_PSK_DHE_WITH_AES_128_CCM_8 = { 0xC0,0xAA }; -+ CipherSuite TLS_PSK_DHE_WITH_AES_256_CCM_8 = { 0xC0,0xAB }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM = { 0xC0,0xAC }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM = { 0xC0,0xAD }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = { 0xC0,0xAE }; -+ CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = { 0xC0,0xAF }; -+ // DRAFT-IETF-TLS-ECC -+ CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA = { 0x00,0x47 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = { 0x00,0x48 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_DES_CBC_SHA = { 0x00,0x49 }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x4A }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = { 0x00,0x4B }; -+ CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = { 0x00,0x4C }; -+ CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA = { 0x00,0x4B }; -+ CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA = { 0x00,0x4C }; -+ CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA = { 0x00,0x4D }; -+ CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA = { 0x00,0x4E }; -+ CipherSuite TLS_ECDH_RSA_WITH_DES_CBC_SHA = { 0x00,0x4F }; -+ CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x50 }; -+ CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x51 }; -+ CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x52 }; -+ CipherSuite TLS_ECDH_RSA_EXPORT_WITH_RC4_40_SHA = { 0x00,0x53 }; -+ CipherSuite TLS_ECDH_RSA_EXPORT_WITH_RC4_56_SHA = { 0x00,0x54 }; -+ CipherSuite TLS_ECDH_anon_NULL_WITH_SHA = { 0x00,0x55 }; -+ CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA = { 0x00,0x56 }; -+ CipherSuite TLS_ECDH_anon_WITH_DES_CBC_SHA = { 0x00,0x57 }; -+ CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x58 }; -+ CipherSuite TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x59 }; -+ CipherSuite TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA = { 0x00,0x5A }; -+ // DRAFT-IETF-TLS-56-BIT-CIPHERSUITES -+ CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 }; -+ CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 }; -+ CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 }; -+ CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x63 }; -+ CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x64 }; -+ CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x65 }; -+ CipherSuite TLS_DHE_DSS_WITH_RC4_128_SHA = { 0x00,0x66 }; -+ // FIPS SSL (Netscape) -+ CipherSuite SSL_RSA_FIPS_WITH_DES_CBC_SHA = { 0xFE,0xFE }; -+ CipherSuite SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = { 0xFE,0xFF }; -+ // SSL 2.0 -+ CipherSuite SSL2_RC4_128_WITH_MD5 = { 0x01,0x00,0x80 }; -+ CipherSuite SSL2_RC4_128_EXPORT40_WITH_MD5 = { 0x02,0x00,0x80 }; -+ CipherSuite SSL2_RC2_CBC_128_CBC_WITH_MD5 = { 0x03,0x00,0x80 }; -+ CipherSuite SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 = { 0x04,0x00,0x80 }; -+ CipherSuite SSL2_IDEA_128_CBC_WITH_MD5 = { 0x05,0x00,0x80 }; -+ CipherSuite SSL2_DES_64_CBC_WITH_MD5 = { 0x06,0x00,0x40 }; -+ CipherSuite SSL2_DES_64_CBC_WITH_SHA = { 0x06,0x01,0x40 }; -+ CipherSuite SSL2_DES_192_EDE3_CBC_WITH_MD5 = { 0x07,0x00,0xc0 }; -+ CipherSuite SSL2_DES_192_EDE3_CBC_WITH_SHA = { 0x07,0x01,0xc0 }; -+ CipherSuite SSL2_RC4_64_WITH_MD5 = { 0x08,0x00,0x80 }; - } cipher_suite; - - ---- ssldump-0.9b3/ssl/ssl.enums.c 2014-05-04 02:02:58.000000000 +0200 -+++ ssldump-0.9b3/ssl/ssl.enums.c.ssl-enums 2014-05-04 18:37:48.000000000 +0200 -@@ -504,6 +504,11 @@ - }; - - decoder cipher_suite_decoder[]={ -+ // https://www.iana.org/assignments/tls-parameters/tls-parameters.txt -+ { -+ 0, -+ "TLS_NULL_WITH_NULL_NULL", -+ 0 }, - { - 1, - "TLS_RSA_WITH_NULL_MD5", -@@ -613,6 +618,74 @@ - "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - 0 }, - { -+ 30, -+ "TLS_KRB5_WITH_DES_CBC_SHA", -+ 0 }, -+ { -+ 31, -+ "TLS_KRB5_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 32, -+ "TLS_KRB5_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 33, -+ "TLS_KRB5_WITH_IDEA_CBC_SHA", -+ 0 }, -+ { -+ 34, -+ "TLS_KRB5_WITH_DES_CBC_MD5", -+ 0 }, -+ { -+ 35, -+ "TLS_KRB5_WITH_3DES_EDE_CBC_MD5", -+ 0 }, -+ { -+ 36, -+ "TLS_KRB5_WITH_RC4_128_MD5", -+ 0 }, -+ { -+ 37, -+ "TLS_KRB5_WITH_IDEA_CBC_MD5", -+ 0 }, -+ { -+ 38, -+ "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", -+ 0 }, -+ { -+ 39, -+ "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", -+ 0 }, -+ { -+ 40, -+ "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", -+ 0 }, -+ { -+ 41, -+ "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", -+ 0 }, -+ { -+ 42, -+ "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", -+ 0 }, -+ { -+ 43, -+ "TLS_KRB5_EXPORT_WITH_RC4_40_MD5", -+ 0 }, -+ { -+ 44, -+ "TLS_PSK_WITH_NULL_SHA", -+ 0 }, -+ { -+ 45, -+ "TLS_DHE_PSK_WITH_NULL_SHA", -+ 0 }, -+ { -+ 46, -+ "TLS_RSA_PSK_WITH_NULL_SHA", -+ 0 }, -+ { - 47, - "TLS_RSA_WITH_AES_128_CBC_SHA", - 0 }, -@@ -661,92 +734,1216 @@ - "TLS_DH_anon_WITH_AES_256_CBC_SHA", - 0 }, - { -- 96, -- "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5", -+ 59, -+ "TLS_RSA_WITH_NULL_SHA256", - 0 }, - { -- 97, -- "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5", -+ 60, -+ "TLS_RSA_WITH_AES_128_CBC_SHA256", - 0 }, - { -- 98, -- "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA", -+ 61, -+ "TLS_RSA_WITH_AES_256_CBC_SHA256", - 0 }, - { -- 99, -- "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", -+ 62, -+ "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", - 0 }, - { -- 100, -- "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA", -+ 63, -+ "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", - 0 }, - { -- 101, -- "TLS_DHE_DSS_WITH_RC2_56_CBC_SHA", -+ 64, -+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", - 0 }, - { -- 102, -- "TLS_DHE_DSS_WITH_RC4_128_SHA", -+ 65, -+ "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", -+ 0 }, -+ { -+ 66, -+ "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", -+ 0 }, -+ { -+ 67, -+ "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", -+ 0 }, -+ { -+ 68, -+ "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", -+ 0 }, -+ { -+ 69, -+ "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", -+ 0 }, -+ { -+ 70, -+ "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", - 0 }, - { - 103, -- "TLS_DHE_DSS_WITH_NULL_SHA", -+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", - 0 }, - { -- 65664, -- "SSL2_CK_RC4", -+ 104, -+ "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", - 0 }, - { -- 131200, -- "SSL2_CK_RC4_EXPORT40", -+ 105, -+ "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", - 0 }, - { -- 196736, -- "SSL2_CK_RC2", -+ 106, -+ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", - 0 }, - { -- 262272, -- "SSL2_CK_RC2_EXPORT40", -+ 107, -+ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", - 0 }, - { -- 327808, -- "SSL2_CK_IDEA", -+ 108, -+ "TLS_DH_anon_WITH_AES_128_CBC_SHA256", - 0 }, - { -- 393280, -- "SSL2_CK_DES", -+ 109, -+ "TLS_DH_anon_WITH_AES_256_CBC_SHA256", - 0 }, - { -- 524416, -- "SSL2_CK_RC464", -+ 132, -+ "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", - 0 }, - { -- 458944, -- "SSL2_CK_3DES", -+ 133, -+ "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", - 0 }, - { -- 74, -- "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", -+ 134, -+ "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", - 0 }, - { -- 72, -+ 135, -+ "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", -+ 0 }, -+ { -+ 136, -+ "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", -+ 0 }, -+ { -+ 137, -+ "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", -+ 0 }, -+ { -+ 138, -+ "TLS_PSK_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 139, -+ "TLS_PSK_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 140, -+ "TLS_PSK_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 141, -+ "TLS_PSK_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 142, -+ "TLS_DHE_PSK_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 143, -+ "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 144, -+ "TLS_DHE_PSK_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 145, -+ "TLS_DHE_PSK_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 146, -+ "TLS_RSA_PSK_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 147, -+ "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 148, -+ "TLS_RSA_PSK_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 149, -+ "TLS_RSA_PSK_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 150, -+ "TLS_RSA_WITH_SEED_CBC_SHA", -+ 0 }, -+ { -+ 151, -+ "TLS_DH_DSS_WITH_SEED_CBC_SHA", -+ 0 }, -+ { -+ 152, -+ "TLS_DH_RSA_WITH_SEED_CBC_SHA", -+ 0 }, -+ { -+ 153, -+ "TLS_DHE_DSS_WITH_SEED_CBC_SHA", -+ 0 }, -+ { -+ 154, -+ "TLS_DHE_RSA_WITH_SEED_CBC_SHA", -+ 0 }, -+ { -+ 155, -+ "TLS_DH_anon_WITH_SEED_CBC_SHA", -+ 0 }, -+ { -+ 156, -+ "TLS_RSA_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 157, -+ "TLS_RSA_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 158, -+ "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 159, -+ "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 160, -+ "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 161, -+ "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 162, -+ "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 163, -+ "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 164, -+ "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 165, -+ "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 166, -+ "TLS_DH_anon_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 167, -+ "TLS_DH_anon_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 168, -+ "TLS_PSK_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 169, -+ "TLS_PSK_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 170, -+ "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 171, -+ "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 172, -+ "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 173, -+ "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 174, -+ "TLS_PSK_WITH_AES_128_CBC_SHA256", -+ 0 }, -+ { -+ 175, -+ "TLS_PSK_WITH_AES_256_CBC_SHA384", -+ 0 }, -+ { -+ 176, -+ "TLS_PSK_WITH_NULL_SHA256", -+ 0 }, -+ { -+ 177, -+ "TLS_PSK_WITH_NULL_SHA384", -+ 0 }, -+ { -+ 178, -+ "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256", -+ 0 }, -+ { -+ 179, -+ "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384", -+ 0 }, -+ { -+ 180, -+ "TLS_DHE_PSK_WITH_NULL_SHA256", -+ 0 }, -+ { -+ 181, -+ "TLS_DHE_PSK_WITH_NULL_SHA384", -+ 0 }, -+ { -+ 182, -+ "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256", -+ 0 }, -+ { -+ 183, -+ "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384", -+ 0 }, -+ { -+ 184, -+ "TLS_RSA_PSK_WITH_NULL_SHA256", -+ 0 }, -+ { -+ 185, -+ "TLS_RSA_PSK_WITH_NULL_SHA384", -+ 0 }, -+ { -+ 186, -+ "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 187, -+ "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 188, -+ "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 189, -+ "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 190, -+ "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 191, -+ "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 192, -+ "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", -+ 0 }, -+ { -+ 193, -+ "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256", -+ 0 }, -+ { -+ 194, -+ "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256", -+ 0 }, -+ { -+ 195, -+ "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", -+ 0 }, -+ { -+ 196, -+ "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", -+ 0 }, -+ { -+ 197, -+ "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256", -+ 0 }, -+ { -+ 255, -+ "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", -+ 0 }, -+ { -+ 49153, -+ "TLS_ECDH_ECDSA_WITH_NULL_SHA", -+ 0 }, -+ { -+ 49154, - "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - 0 }, - { -- 65408, -- "SSL_RSA_WITH_RC2_CBC_MD5", -+ 49155, -+ "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - 0 }, - { -- 73, -- "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA", -+ 49156, -+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - 0 }, - { -- 65413, -- "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA", -+ 49157, -+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - 0 }, - { -- 65412, -- "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA", -+ 49158, -+ "TLS_ECDHE_ECDSA_WITH_NULL_SHA", -+ 0 }, -+ { -+ 49159, -+ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 49160, -+ "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 49161, -+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49162, -+ "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 49163, -+ "TLS_ECDH_RSA_WITH_NULL_SHA", -+ 0 }, -+ { -+ 49164, -+ "TLS_ECDH_RSA_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 49165, -+ "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 49166, -+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49167, -+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 49168, -+ "TLS_ECDHE_RSA_WITH_NULL_SHA", -+ 0 }, -+ { -+ 49169, -+ "TLS_ECDHE_RSA_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 49170, -+ "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 49171, -+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49172, -+ "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 49173, -+ "TLS_ECDH_anon_WITH_NULL_SHA", -+ 0 }, -+ { -+ 49174, -+ "TLS_ECDH_anon_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 49175, -+ "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 49176, -+ "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49177, -+ "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 49178, -+ "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 49179, -+ "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 49180, -+ "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 49181, -+ "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49182, -+ "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49183, -+ "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49184, -+ "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 49185, -+ "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 49186, -+ "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 49187, -+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", -+ 0 }, -+ { -+ 49188, -+ "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", -+ 0 }, -+ { -+ 49189, -+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", -+ 0 }, -+ { -+ 49190, -+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", -+ 0 }, -+ { -+ 49191, -+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", -+ 0 }, -+ { -+ 49192, -+ "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", -+ 0 }, -+ { -+ 49193, -+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", -+ 0 }, -+ { -+ 49194, -+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", -+ 0 }, -+ { -+ 49195, -+ "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 49196, -+ "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 49197, -+ "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 49198, -+ "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 49199, -+ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 49200, -+ "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 49201, -+ "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", -+ 0 }, -+ { -+ 49202, -+ "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", -+ 0 }, -+ { -+ 49203, -+ "TLS_ECDHE_PSK_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 49204, -+ "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 49205, -+ "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49206, -+ "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 49207, -+ "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256", -+ 0 }, -+ { -+ 49208, -+ "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384", -+ 0 }, -+ { -+ 49209, -+ "TLS_ECDHE_PSK_WITH_NULL_SHA", -+ 0 }, -+ { -+ 49210, -+ "TLS_ECDHE_PSK_WITH_NULL_SHA256", -+ 0 }, -+ { -+ 49211, -+ "TLS_ECDHE_PSK_WITH_NULL_SHA384", -+ 0 }, -+ { -+ 49212, -+ "TLS_RSA_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49213, -+ "TLS_RSA_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49214, -+ "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49215, -+ "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49216, -+ "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49217, -+ "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49218, -+ "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49219, -+ "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49220, -+ "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49221, -+ "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49222, -+ "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49223, -+ "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49224, -+ "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49225, -+ "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49226, -+ "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49227, -+ "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49228, -+ "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49229, -+ "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49230, -+ "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49231, -+ "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49232, -+ "TLS_RSA_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49233, -+ "TLS_RSA_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49234, -+ "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49235, -+ "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49236, -+ "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49237, -+ "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49238, -+ "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49239, -+ "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49240, -+ "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49241, -+ "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49242, -+ "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49243, -+ "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49244, -+ "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49245, -+ "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49246, -+ "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49247, -+ "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49248, -+ "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49249, -+ "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49250, -+ "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49251, -+ "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49252, -+ "TLS_PSK_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49253, -+ "TLS_PSK_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49254, -+ "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49255, -+ "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49256, -+ "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49257, -+ "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49258, -+ "TLS_PSK_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49259, -+ "TLS_PSK_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49260, -+ "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49261, -+ "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49262, -+ "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49263, -+ "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49264, -+ "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49265, -+ "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49266, -+ "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49267, -+ "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49268, -+ "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49269, -+ "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49270, -+ "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49271, -+ "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49272, -+ "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49273, -+ "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49274, -+ "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49275, -+ "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49276, -+ "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49277, -+ "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49278, -+ "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49279, -+ "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49280, -+ "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49281, -+ "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49282, -+ "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49283, -+ "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49284, -+ "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49285, -+ "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49286, -+ "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49287, -+ "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49288, -+ "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49289, -+ "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49290, -+ "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49291, -+ "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49292, -+ "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49293, -+ "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49294, -+ "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49295, -+ "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49296, -+ "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49297, -+ "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49298, -+ "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256", -+ 0 }, -+ { -+ 49299, -+ "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384", -+ 0 }, -+ { -+ 49300, -+ "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49301, -+ "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49302, -+ "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49303, -+ "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49304, -+ "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49305, -+ "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49306, -+ "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", -+ 0 }, -+ { -+ 49307, -+ "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", -+ 0 }, -+ { -+ 49308, -+ "TLS_RSA_WITH_AES_128_CCM", -+ 0 }, -+ { -+ 49309, -+ "TLS_RSA_WITH_AES_256_CCM", -+ 0 }, -+ { -+ 49310, -+ "TLS_DHE_RSA_WITH_AES_128_CCM", -+ 0 }, -+ { -+ 49311, -+ "TLS_DHE_RSA_WITH_AES_256_CCM", -+ 0 }, -+ { -+ 49312, -+ "TLS_RSA_WITH_AES_128_CCM_8", -+ 0 }, -+ { -+ 49313, -+ "TLS_RSA_WITH_AES_256_CCM_8", -+ 0 }, -+ { -+ 49314, -+ "TLS_DHE_RSA_WITH_AES_128_CCM_8", -+ 0 }, -+ { -+ 49315, -+ "TLS_DHE_RSA_WITH_AES_256_CCM_8", -+ 0 }, -+ { -+ 49316, -+ "TLS_PSK_WITH_AES_128_CCM", -+ 0 }, -+ { -+ 49317, -+ "TLS_PSK_WITH_AES_256_CCM", -+ 0 }, -+ { -+ 49318, -+ "TLS_DHE_PSK_WITH_AES_128_CCM", -+ 0 }, -+ { -+ 49319, -+ "TLS_DHE_PSK_WITH_AES_256_CCM", -+ 0 }, -+ { -+ 49320, -+ "TLS_PSK_WITH_AES_128_CCM_8", -+ 0 }, -+ { -+ 49321, -+ "TLS_PSK_WITH_AES_256_CCM_8", -+ 0 }, -+ { -+ 49322, -+ "TLS_PSK_DHE_WITH_AES_128_CCM_8", -+ 0 }, -+ { -+ 49323, -+ "TLS_PSK_DHE_WITH_AES_256_CCM_8", -+ 0 }, -+ { -+ 49324, -+ "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", -+ 0 }, -+ { -+ 49325, -+ "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", -+ 0 }, -+ { -+ 49326, -+ "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", -+ 0 }, -+ { -+ 49327, -+ "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", -+ 0 }, -+ // DRAFT-IETF-TLS-ECC -+ { -+ 71, -+ "TLS_ECDH_ECDSA_WITH_NULL_SHA", -+ 0 }, -+ { -+ 72, -+ "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 73, -+ "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA", -+ 0 }, -+ { -+ 74, -+ "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 75, -+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 76, -+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 75, -+ "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA", -+ 0 }, -+ { -+ 76, -+ "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA", -+ 0 }, -+ { -+ 77, -+ "TLS_ECDH_RSA_WITH_NULL_SHA", -+ 0 }, -+ { -+ 78, -+ "TLS_ECDH_RSA_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 79, -+ "TLS_ECDH_RSA_WITH_DES_CBC_SHA", -+ 0 }, -+ { -+ 80, -+ "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 81, -+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 82, -+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 83, -+ "TLS_ECDH_RSA_EXPORT_WITH_RC4_40_SHA", -+ 0 }, -+ { -+ 84, -+ "TLS_ECDH_RSA_EXPORT_WITH_RC4_56_SHA", -+ 0 }, -+ { -+ 85, -+ "TLS_ECDH_anon_NULL_WITH_SHA", -+ 0 }, -+ { -+ 86, -+ "TLS_ECDH_anon_WITH_RC4_128_SHA", -+ 0 }, -+ { -+ 87, -+ "TLS_ECDH_anon_WITH_DES_CBC_SHA", -+ 0 }, -+ { -+ 88, -+ "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ { -+ 89, -+ "TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA", -+ 0 }, -+ { -+ 90, -+ "TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA", -+ 0 }, -+ // DRAFT-IETF-TLS-56-BIT-CIPHERSUITES -+ { -+ 96, -+ "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5", -+ 0 }, -+ { -+ 97, -+ "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5", -+ 0 }, -+ { -+ 98, -+ "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA", -+ 0 }, -+ { -+ 99, -+ "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", -+ 0 }, -+ { -+ 100, -+ "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA", -+ 0 }, -+ { -+ 101, -+ "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA", -+ 0 }, -+ { -+ 102, -+ "TLS_DHE_DSS_WITH_RC4_128_SHA", -+ 0 }, -+ // FIPS SSL (Netscape) -+ { -+ 65278, -+ "SSL_RSA_FIPS_WITH_DES_CBC_SHA", -+ 0 }, -+ { -+ 65279, -+ "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", -+ 0 }, -+ // SSL 2.0 -+ { -+ 65664, -+ "SSL2_RC4_128_WITH_MD5", -+ 0 }, -+ { -+ 131200, -+ "SSL2_RC4_128_EXPORT40_WITH_MD5", -+ 0 }, -+ { -+ 196736, -+ "SSL2_RC2_CBC_128_CBC_WITH_MD5", -+ 0 }, -+ { -+ 262272, -+ "SSL2_RC2_128_CBC_EXPORT40_WITH_MD5", -+ 0 }, -+ { -+ 327808, -+ "SSL2_IDEA_128_CBC_WITH_MD5", -+ 0 }, -+ { -+ 393280, -+ "SSL2_DES_64_CBC_WITH_MD5", -+ 0 }, -+ { -+ 393536, -+ "SSL2_DES_64_CBC_WITH_SHA", -+ 0 }, -+ { -+ 458944, -+ "SSL2_DES_192_EDE3_CBC_WITH_MD5", -+ 0 }, -+ { -+ 459200, -+ "SSL2_DES_192_EDE3_CBC_WITH_SHA", -+ 0 }, -+ { -+ 524416, -+ "SSL2_RC4_64_WITH_MD5", - 0 }, - {-1} - }; diff --git a/testing/ssldump/0100-ciphersuites.patch b/testing/ssldump/0100-ciphersuites.patch deleted file mode 100644 index e5c5434bc4..0000000000 --- a/testing/ssldump/0100-ciphersuites.patch +++ /dev/null @@ -1,161 +0,0 @@ -Patch by Robert Scheck <robert@fedoraproject.org> for ssldump >= 0.9b3 which adds -a lot of missing cipher suites to support much more application data decoding. - ---- ssldump-0.9b3/ssl/ciphersuites.c 2014-05-04 02:02:58.000000000 +0200 -+++ ssldump-0.9b3/ssl/ciphersuites.c.rsc 2014-05-04 18:33:11.000000000 +0200 -@@ -74,10 +74,11 @@ - {21,KEX_DH,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,0}, - {22,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0}, - {23,KEX_DH,SIG_NONE,ENC_RC4,1,128,40,DIG_MD5,16,1}, -- {24,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_MD5,16,0}, -+ {24,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_MD5,16,0}, - {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1}, - {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0}, - {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0}, -+ // Missing: 44-46 - {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, - {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, - {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, -@@ -90,13 +91,141 @@ - {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, - {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, - {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {59,KEX_RSA,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA256,32,0}, -+ {60,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {61,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256,32,0}, -+ {62,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {63,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {64,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {65,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, -+ {66,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, -+ {67,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, -+ {68,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, -+ {69,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, -+ {70,KEX_DH,SIG_NONE,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, - {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1}, - {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1}, - {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1}, - {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1}, - {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1}, -- {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1}, -+ {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1}, - {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0}, -+ {103,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {104,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA256,32,0}, -+ {105,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256,32,0}, -+ {106,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA256,32,0}, -+ {107,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256,32,0}, -+ {108,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {109,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA256,32,0}, -+ {132,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, -+ {133,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, -+ {134,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, -+ {135,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, -+ {136,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, -+ {137,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, -+ // Missing: 138-149 -+ {150,KEX_RSA,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0}, -+ {151,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA,20,0}, -+ {152,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0}, -+ {153,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA,20,0}, -+ {154,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0}, -+ {155,KEX_DH,SIG_NONE,ENC_SEED,16,128,128,DIG_SHA,20,0}, -+ {156,KEX_RSA,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {157,KEX_RSA,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ {158,KEX_DH,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {159,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ {160,KEX_DH,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {161,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ {162,KEX_DH,SIG_DSS,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {163,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ {164,KEX_DH,SIG_DSS,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {165,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ {166,KEX_DH,SIG_NONE,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {167,KEX_DH,SIG_NONE,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ // Missing: 168-185 -+ {186,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {187,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {188,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {189,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {190,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {191,KEX_DH,SIG_NONE,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {192,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, -+ {193,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, -+ {194,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, -+ {195,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, -+ {196,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, -+ {197,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, -+ {49153,KEX_DH,SIG_DSS,ENC_NULL,0,0,0,DIG_SHA,20,0}, -+ {49154,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0}, -+ {49155,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0}, -+ {49156,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {49157,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {49158,KEX_DH,SIG_DSS,ENC_NULL,0,0,0,DIG_SHA,20,0}, -+ {49159,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0}, -+ {49160,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0}, -+ {49161,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {49162,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {49163,KEX_DH,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA,20,0}, -+ {49164,KEX_DH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0}, -+ {49165,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0}, -+ {49166,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {49167,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {49168,KEX_DH,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA,20,0}, -+ {49169,KEX_DH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0}, -+ {49170,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0}, -+ {49171,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {49172,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {49173,KEX_DH,SIG_NONE,ENC_NULL,0,0,0,DIG_SHA,20,0}, -+ {49174,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_SHA,20,0}, -+ {49175,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_SHA,20,0}, -+ {49176,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {49177,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {49187,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {49188,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0}, -+ {49189,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {49190,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0}, -+ {49191,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {49192,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0}, -+ {49193,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, -+ {49194,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0}, -+ {49195,KEX_DH,SIG_DSS,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {49196,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ {49197,KEX_DH,SIG_DSS,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {49198,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ {49199,KEX_DH,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {49200,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ {49201,KEX_DH,SIG_RSA,ENC_AES128,4,128,128,DIG_SHA256,32,0}, -+ {49202,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384,48,0}, -+ // Missing: 49203-49211 -+ {49266,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {49267,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0}, -+ {49268,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {49269,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0}, -+ {49270,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {49271,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0}, -+ {49272,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, -+ {49273,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0}, -+ {49274,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49275,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ {49276,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49277,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ {49278,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49279,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ {49280,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49281,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ {49282,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49283,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ {49284,KEX_DH,SIG_NONE,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49285,KEX_DH,SIG_NONE,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ {49286,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49287,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ {49288,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49289,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ {49290,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49291,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ {49292,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, -+ {49293,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, -+ // Missing: 49294-49307 - {-1} - }; - diff --git a/testing/ssldump/APKBUILD b/testing/ssldump/APKBUILD index bebf2fd00a..abfbadf4bf 100644 --- a/testing/ssldump/APKBUILD +++ b/testing/ssldump/APKBUILD @@ -1,66 +1,37 @@ # Contributor: Jakub Jirutka <jakub@jirutka.cz> # Maintainer: -pkgname="ssldump" -pkgver="0.9b3" -pkgrel=1 -pkgdesc="An SSLv3/TLS network protocol analyzer" -url="http://ssldump.sourceforge.net/" +pkgname=ssldump +pkgver=1.4 +pkgrel=0 +pkgdesc="SSLv3/TLS network protocol analyzer" +url="https://github.com/adulau/ssldump" arch="all" license="BSD-4-Clause" -makedepends="autoconf libpcap-dev openssl-dev" subpackages="$pkgname-doc" -source="https://downloads.sourceforge.net/ssldump/ssldump-$pkgver.tar.gz" -# Patches from Fedora -source="$source - 0010-openssl.patch - 0020-libpcap.patch - 0030-aes.patch - 0040-cvs-20060619.patch - 0050-table-stops.patch - 0060-link_layer.patch - 0070-pcap-vlan.patch - 0080-tlsv12.patch - 0090-ssl-enums.patch - 0100-ciphersuites.patch - " -builddir="$srcdir/ssldump-$pkgver" options="!check" # no tests provided +makedepends="autoconf automake libnet-dev json-c-dev fts-dev libpcap-dev openssl-dev" +source="https://github.com/adulau/ssldump/archive/v$pkgver/ssldump-$pkgver.tar.gz + " prepare() { - update_config_guess - update_config_sub default_prepare - - # Rebuilding of configure file is needed for 0020-libpcap.patch - autoconf --force + ./autogen.sh } build() { ./configure \ - --build=$CBUILD \ - --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/share/man \ + --datarootdir=/usr/share \ + --docdir=/usr/share/doc \ --localstatedir=/var make } package() { - make install BINDIR="$pkgdir/usr/sbin" MANDIR="$pkgdir/usr/share/man" + make install sbindir="$pkgdir/usr/sbin" mandir="$pkgdir/usr/share/man" docdir="$pkgdir/usr/share/doc" install -D -m 644 COPYRIGHT "$pkgdir"/usr/share/licenses/$pkgname/COPYRIGHT - - chmod 644 "$pkgdir"/usr/share/man/man1/*.1* } -sha512sums="ea81558a243950ab43354c9f33c0a4feae0ae859bc2bd6e6b58838a01f4a1e7a6447f2a9ab1fa40bbe8dbd6c3630c489c17fc9c066cacfddfb64269b0cd5090a ssldump-0.9b3.tar.gz -3d06916b841612d158a5f7c87e7c68a9046ce5842ac11610ec6bf3c83619feecdd66293c66037f2e271496c8439896a4531c0de8ed866a898e310a1fd1de5aca 0010-openssl.patch -12fff42b22baadfde4a0faf12c2336d47811cd36873034cfd81b269f0578c2be4226657b6da6dc5ebcf7b11070f48d357ba1580b47d62619fce3980ea2629bae 0020-libpcap.patch -17a2f401b3ebb171628745041609f96ce82d1b4993d053443a3315b562ea2f8112184dbec0373ae11888c8f0d3c8a7728f3a6ca0a3de5375efd44aabe599ad02 0030-aes.patch -4b9bfa0d10efa322f634c1326b210a7220c23c12c2cb2de9e00383f0d83fa558f578a16d428f035d179f3f692510756fd382efad69c877b9fe2bfacb4c7406e3 0040-cvs-20060619.patch -3bfff13a5d4fdd0684512692309a2ff70eb63d472c4982e7e191073091a419b289b70fbf9604a794dd9b30cf60601b5b7403e2f9decb109f752471114388a4dd 0050-table-stops.patch -912f47fbd686d4f4d68015e57dc92eba284e12dc146184f8cc4165e8e9a795f530d1e572dfb1a2292a3dee0c8f84f29f400375ab99e9215fec921d0464ef8e2d 0060-link_layer.patch -94592125add14409be20981516a8f81765b61fb932dc6004bee7d91e0828b40117ce1f378c4ae7e65725bd645ff827648cf652a7ce8090e49afac0ef5284901e 0070-pcap-vlan.patch -7e68d8ca844348b2440b795372f40af614f99e6e14baa7552de1f8eb1fa72d38771be1b904ee13f1141cf14cb8968f9fcd192c2a2b63885152225090ef20e3e6 0080-tlsv12.patch -8e4e0e19a4ea45e8f98f8e918ddf0cde8a5d0a5fa89558bcfcbb14153e0babee7ff9edaebd6653a5fd6fb95624f47d62b85f2115d7bc25f4f4b6e35844e0f4a3 0090-ssl-enums.patch -86c9ccd83fce92ff72eadd6e9a8e6a2442437e6778d735fae58ca359f390812d1102044058701189608251006de07478024dd389fe7bd9d3834e33039eaf2277 0100-ciphersuites.patch" +sha512sums="fb17c5610dcfce3e8020a5148d37be5b2fbc3083d78727281922ae32b5905c4aa882cd368c3581238f3492c6b5bab943dcff6a966d64160a3836d6a95bdc7682 ssldump-1.4.tar.gz" |