diff options
| author |   jsing <jsing@openbsd.org> | 2016-11-06 12:08:32 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2016-11-06 12:08:32 +0000 |
| commit | 1ec615851ef0d27f0314f64d9c0ef773cf5cf921 (patch) | |
| tree | 671edfc0bcb5d9821c325c8e60ecaab8aee21089 | |
| parent | unifdef -m -UOPENSSL_NO_CHACHA -UOPENSSL_NO_POLY1305 (diff) | |
| download | wireguard-openbsd-1ec615851ef0d27f0314f64d9c0ef773cf5cf921.tar.xz wireguard-openbsd-1ec615851ef0d27f0314f64d9c0ef773cf5cf921.zip | |
Remove the single IDEA cipher suite. There is no good reason to support
this.
ok beck@ bcook@
| -rw-r--r-- | lib/libssl/s3_lib.c | 20 | ||||
| -rw-r--r-- | lib/libssl/ssl_algs.c | 5 | ||||
| -rw-r--r-- | lib/libssl/ssl_ciph.c | 7 |
3 files changed, 3 insertions, 29 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 6c4383fb221..8a7a98507af 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.110 2016/11/06 11:58:13 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.111 2016/11/06 12:08:32 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -234,24 +234,6 @@ SSL_CIPHER ssl3_ciphers[] = { .alg_bits = 128, }, - /* Cipher 07 */ -#ifndef OPENSSL_NO_IDEA - { - .valid = 1, - .name = SSL3_TXT_RSA_IDEA_128_SHA, - .id = SSL3_CK_RSA_IDEA_128_SHA, - .algorithm_mkey = SSL_kRSA, - .algorithm_auth = SSL_aRSA, - .algorithm_enc = SSL_IDEA, - .algorithm_mac = SSL_SHA1, - .algorithm_ssl = SSL_SSLV3, - .algo_strength = SSL_MEDIUM, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - .strength_bits = 128, - .alg_bits = 128, - }, -#endif - /* Cipher 09 */ { .valid = 1, diff --git a/lib/libssl/ssl_algs.c b/lib/libssl/ssl_algs.c index 3010a735c96..ee1919c7252 100644 --- a/lib/libssl/ssl_algs.c +++ b/lib/libssl/ssl_algs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_algs.c,v 1.22 2014/12/14 15:30:50 jsing Exp $ */ +/* $OpenBSD: ssl_algs.c,v 1.23 2016/11/06 12:08:32 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -71,9 +71,6 @@ SSL_library_init(void) EVP_add_cipher(EVP_des_cbc()); EVP_add_cipher(EVP_des_ede3_cbc()); #endif -#ifndef OPENSSL_NO_IDEA - EVP_add_cipher(EVP_idea_cbc()); -#endif #ifndef OPENSSL_NO_RC4 EVP_add_cipher(EVP_rc4()); #if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__)) diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index 2921933c286..af5c83fcaf0 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_ciph.c,v 1.88 2016/11/06 11:58:13 jsing Exp $ */ +/* $OpenBSD: ssl_ciph.c,v 1.89 2016/11/06 12:08:32 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -479,12 +479,7 @@ ssl_load_ciphers(void) EVP_get_cipherbyname(SN_des_ede3_cbc); ssl_cipher_methods[SSL_ENC_RC4_IDX] = EVP_get_cipherbyname(SN_rc4); -#ifndef OPENSSL_NO_IDEA - ssl_cipher_methods[SSL_ENC_IDEA_IDX] = - EVP_get_cipherbyname(SN_idea_cbc); -#else ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL; -#endif ssl_cipher_methods[SSL_ENC_AES128_IDX] = EVP_get_cipherbyname(SN_aes_128_cbc); ssl_cipher_methods[SSL_ENC_AES256_IDX] = |