diff options
| author |   jsing <jsing@openbsd.org> | 2017-08-28 16:37:04 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2017-08-28 16:37:04 +0000 |
| commit | 6e5826bac3ef14da47f44702f8c4778d0cfadb60 (patch) | |
| tree | 0e8c1470aac2d36d9663c36948a91fda98c3a893 /lib/libssl/s3_lib.c | |
| parent | fix char ** to const char ** conversion warning; ok mikeb@ (diff) | |
| download | wireguard-openbsd-6e5826bac3ef14da47f44702f8c4778d0cfadb60.tar.xz wireguard-openbsd-6e5826bac3ef14da47f44702f8c4778d0cfadb60.zip | |
Remove the original (pre-IETF) chacha20-poly1305 cipher suites.
Support for the IETF standardised chacha20-poly1305 cipher suites was
added 16 months ago, which means they exist in both of the currently
supported OpenBSD releases.
Also prompted by Andreas Bartelt <obsd at bartula dot de>.
ok beck@ doug@
Diffstat (limited to 'lib/libssl/s3_lib.c')
| -rw-r--r-- | lib/libssl/s3_lib.c | 53 |
1 files changed, 1 insertions, 52 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index acbe30d8040..bbf0444c212 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.158 2017/08/12 21:03:08 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.159 2017/08/28 16:37:04 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1299,57 +1299,6 @@ SSL_CIPHER ssl3_ciphers[] = { .alg_bits = 256, }, - /* Cipher CC13 */ - { - .valid = 1, - .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD, - .id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD, - .algorithm_mkey = SSL_kECDHE, - .algorithm_auth = SSL_aRSA, - .algorithm_enc = SSL_CHACHA20POLY1305_OLD, - .algorithm_mac = SSL_AEAD, - .algorithm_ssl = SSL_TLSV1_2, - .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), - .strength_bits = 256, - .alg_bits = 256, - }, - - /* Cipher CC14 */ - { - .valid = 1, - .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD, - .id = TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD, - .algorithm_mkey = SSL_kECDHE, - .algorithm_auth = SSL_aECDSA, - .algorithm_enc = SSL_CHACHA20POLY1305_OLD, - .algorithm_mac = SSL_AEAD, - .algorithm_ssl = SSL_TLSV1_2, - .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), - .strength_bits = 256, - .alg_bits = 256, - }, - - /* Cipher CC15 */ - { - .valid = 1, - .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_OLD, - .id = TLS1_CK_DHE_RSA_CHACHA20_POLY1305_OLD, - .algorithm_mkey = SSL_kDHE, - .algorithm_auth = SSL_aRSA, - .algorithm_enc = SSL_CHACHA20POLY1305_OLD, - .algorithm_mac = SSL_AEAD, - .algorithm_ssl = SSL_TLSV1_2, - .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), - .strength_bits = 256, - .alg_bits = 256, - }, - /* Cipher CCA8 */ { .valid = 1, |