diff options
| author |   jsing <jsing@openbsd.org> | 2017-08-28 16:37:04 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2017-08-28 16:37:04 +0000 |
| commit | 6e5826bac3ef14da47f44702f8c4778d0cfadb60 (patch) | |
| tree | 0e8c1470aac2d36d9663c36948a91fda98c3a893 /lib/libssl/ssl_ciph.c | |
| parent | fix char ** to const char ** conversion warning; ok mikeb@ (diff) | |
| download | wireguard-openbsd-6e5826bac3ef14da47f44702f8c4778d0cfadb60.tar.xz wireguard-openbsd-6e5826bac3ef14da47f44702f8c4778d0cfadb60.zip | |
Remove the original (pre-IETF) chacha20-poly1305 cipher suites.
Support for the IETF standardised chacha20-poly1305 cipher suites was
added 16 months ago, which means they exist in both of the currently
supported OpenBSD releases.
Also prompted by Andreas Bartelt <obsd at bartula dot de>.
ok beck@ doug@
Diffstat (limited to 'lib/libssl/ssl_ciph.c')
| -rw-r--r-- | lib/libssl/ssl_ciph.c | 14 |
1 files changed, 2 insertions, 12 deletions
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index 49af292d6c0..f30ffeaf2c6 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_ciph.c,v 1.96 2017/03/10 16:03:27 jsing Exp $ */ +/* $OpenBSD: ssl_ciph.c,v 1.97 2017/08/28 16:37:04 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -388,7 +388,7 @@ static const SSL_CIPHER cipher_aliases[] = { }, { .name = SSL_TXT_CHACHA20, - .algorithm_enc = SSL_CHACHA20POLY1305|SSL_CHACHA20POLY1305_OLD, + .algorithm_enc = SSL_CHACHA20POLY1305, }, /* MAC aliases */ @@ -690,9 +690,6 @@ ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead) case SSL_CHACHA20POLY1305: *aead = EVP_aead_chacha20_poly1305(); return 1; - case SSL_CHACHA20POLY1305_OLD: - *aead = EVP_aead_chacha20_poly1305_old(); - return 1; default: break; } @@ -1394,8 +1391,6 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method, CIPHER_ADD, -1, &head, &tail); ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); - ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305_OLD, - 0, 0, 0, CIPHER_ADD, -1, &head, &tail); } else { /* * CHACHA20 is fast and safe on all hardware and is thus our @@ -1403,8 +1398,6 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method, */ ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); - ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305_OLD, - 0, 0, 0, CIPHER_ADD, -1, &head, &tail); ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); } @@ -1628,9 +1621,6 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_CHACHA20POLY1305: enc = "ChaCha20-Poly1305"; break; - case SSL_CHACHA20POLY1305_OLD: - enc = "ChaCha20-Poly1305-Old"; - break; case SSL_eGOST2814789CNT: enc = "GOST-28178-89-CNT"; break; |