adium 5779:0867cdb71afd: Fix this check to properly notice when ...

Wed Dec 4 17:23:28 UTC 2013

details:	http://hg.adium.im/adium/rev/0867cdb71afd
revision:	5779:0867cdb71afd
branch:		adium-1.5.10
author:		Thijs Alkemade <me at thijsalkema.de>
date:		Wed Dec 04 18:20:18 2013 +0100

Fix this check to properly notice when it's not building on 10.9.
Subject: adium 5780:d2d6645f5e9d: Removed the following TLS ciphers:

details:	http://hg.adium.im/adium/rev/d2d6645f5e9d
revision:	5780:d2d6645f5e9d
branch:		adium-1.5.10
author:		Thijs Alkemade <me at thijsalkema.de>
date:		Wed Dec 04 18:23:18 2013 +0100

Removed the following TLS ciphers:

- SSL_RSA_WITH_3DES_EDE_CBC_MD5
- SSL_RSA_WITH_RC2_CBC_MD5
- SSL_RSA_WITH_RC4_128_MD5

Added:

- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_DH_DSS_WITH_AES_128_CBC_SHA256
- TLS_DH_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_DH_DSS_WITH_AES_256_CBC_SHA256
- TLS_DH_RSA_WITH_AES_256_CBC_SHA256
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

diffs (140 lines):

diff -r 965b52fbbb24 -r d2d6645f5e9d Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c

--- a/Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c	Wed Dec 04 18:00:35 2013 +0100
+++ b/Plugins/Purple Service/libpurple_extensions/ssl-cdsa.c	Wed Dec 04 18:23:18 2013 +0100
@@ -313,67 +313,75 @@
 static gboolean
 ssl_cdsa_use_cipher(SSLCipherSuite suite) {
 	switch (suite) {
-		case SSL_RSA_WITH_3DES_EDE_CBC_MD5:
-		case SSL_RSA_WITH_RC2_CBC_MD5:
-		case SSL_RSA_WITH_3DES_EDE_CBC_SHA:
 		case SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA:
 		case SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA:
 		case SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
 		case SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+		case SSL_RSA_WITH_3DES_EDE_CBC_SHA:
+		case SSL_RSA_WITH_RC4_128_SHA:
+		case TLS_DH_DSS_WITH_AES_128_CBC_SHA:
+		case TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
+		case TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
+		case TLS_DH_DSS_WITH_AES_256_CBC_SHA:
+		case TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
+		case TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
+		case TLS_DH_RSA_WITH_AES_128_CBC_SHA:
+		case TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
+		case TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
+		case TLS_DH_RSA_WITH_AES_256_CBC_SHA:
+		case TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
+		case TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
+		case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
+		case TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
+		case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
+		case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
+		case TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
+		case TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
+		case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
+		case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+		case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
+		case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
+		case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+		case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
 		case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
+		case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
+		case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
+		case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
+		case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
+		case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
+		case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
+		case TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
+		case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
+		case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
+		case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
+		case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
+		case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
+		case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
+		case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
+		case TLS_ECDH_RSA_WITH_RC4_128_SHA:
 		case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
-		case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
+		case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+		case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+		case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+		case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+		case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+		case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+		case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
 		case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
-		case SSL_RSA_WITH_RC4_128_MD5:
-		case SSL_RSA_WITH_RC4_128_SHA:
-		case TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
-		case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
-		case TLS_ECDH_RSA_WITH_RC4_128_SHA:
+		case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+		case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+		case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+		case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+		case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
+		case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
 		case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
 		case TLS_RSA_WITH_AES_128_CBC_SHA:
-		case TLS_DH_DSS_WITH_AES_128_CBC_SHA:
-		case TLS_DH_RSA_WITH_AES_128_CBC_SHA:
-		case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
-		case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
-		case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
-		case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
-		case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
-		case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+		case TLS_RSA_WITH_AES_128_CBC_SHA256:
+		case TLS_RSA_WITH_AES_128_GCM_SHA256:
 		case TLS_RSA_WITH_AES_256_CBC_SHA:
-		case TLS_DH_DSS_WITH_AES_256_CBC_SHA:
-		case TLS_DH_RSA_WITH_AES_256_CBC_SHA:
-		case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
-		case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
-		case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
-		case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
-		case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
-		case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
-		case TLS_RSA_WITH_AES_128_GCM_SHA256:
+		case TLS_RSA_WITH_AES_256_CBC_SHA256:
 		case TLS_RSA_WITH_AES_256_GCM_SHA384:
-		case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
-		case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
-		case TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
-		case TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
-		case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
-		case TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
-		case TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
-		case TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
-		case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
-		case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
-		case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
-		case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
-		case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
-		case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
-		case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
-		case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
-		case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
-		case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
-		case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
-		case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
-		case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
-		case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
-		case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
-		case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
+		
 			return TRUE;
 			
 		default:
@@ -505,8 +513,8 @@
         protoErr = SSLSetProtocolVersionEnabled(cdsa_data->ssl_ctx, kTLSProtocol1, true);
     }
     
-#if MAC_OS_X_VERSION_MAX_ALLOWED <= MAC_OS_X_VERSION_10_9
-    #define kSSLSessionOptionSendOneByteRecord 4 /* Appears in 10.9 */
+#if MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_X_VERSION_10_9
+	#define kSSLSessionOptionSendOneByteRecord 4 /* Appears in 10.9 */
 #endif
     
     if (purple_account_get_bool(account, PURPLE_SSL_CDSA_BEAST_TLS_WORKAROUND, false)) {


