summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_clnt.c
diff options
context:
space:
mode:
authorjsing <>2014-12-10 15:36:47 +0000
committerjsing <>2014-12-10 15:36:47 +0000
commit1434a91c4d4dc782915ce81dd056fa8f6cb77ae1 (patch)
tree8f2441ed940045edc4ad4d11ab3d8395f2830a78 /src/lib/libssl/s3_clnt.c
parent7b2f3298f7eb7ce5cfd1c3eb55b1ecc89118f52c (diff)
downloadopenbsd-1434a91c4d4dc782915ce81dd056fa8f6cb77ae1.tar.gz
openbsd-1434a91c4d4dc782915ce81dd056fa8f6cb77ae1.tar.bz2
openbsd-1434a91c4d4dc782915ce81dd056fa8f6cb77ae1.zip
Remove support for GOST R 34.10-94 signature authentication, along with
the two ciphersuites that use it. GOST94 public/private keys have been long obsoleted and libcrypto does not have support for them anyway. Discussed with Dmitry Eremin-Solenikov.
Diffstat (limited to 'src/lib/libssl/s3_clnt.c')
-rw-r--r--src/lib/libssl/s3_clnt.c4
1 files changed, 1 insertions, 3 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index b3dbe32745..6a54dfa359 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_clnt.c,v 1.97 2014/12/06 14:24:26 jsing Exp $ */ 1/* $OpenBSD: s3_clnt.c,v 1.98 2014/12/10 15:36:46 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2207,8 +2207,6 @@ ssl3_send_client_key_exchange(SSL *s)
2207 2207
2208 /* Get server sertificate PKEY and create ctx from it */ 2208 /* Get server sertificate PKEY and create ctx from it */
2209 peer_cert = s->session->sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509; 2209 peer_cert = s->session->sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509;
2210 if (!peer_cert)
2211 peer_cert = s->session->sess_cert->peer_pkeys[SSL_PKEY_GOST94].x509;
2212 if (!peer_cert) { 2210 if (!peer_cert) {
2213 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, 2211 SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2214 SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); 2212 SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 08:12:09 +0000