Remove support for GOST R 34.10-94 signature authentication, along with

the two ciphersuites that use it. GOST94 public/private keys have been
long obsoleted and libcrypto does not have support for them anyway.

Discussed with Dmitry Eremin-Solenikov.

1 files changed, 2 insertions, 4 deletions

diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index e1b2f9cf2d..43880a0610 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.91 2014/11/18 05:33:43 miod Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.92 2014/12/10 15:36:47 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2134,9 +2134,7 @@ ssl3_get_client_key_exchange(SSL *s)
 
                 /* Get our certificate private key*/
                 alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-                if (alg_a & SSL_aGOST94)
-                        pk = s->cert->pkeys[SSL_PKEY_GOST94].privatekey;
-                else if (alg_a & SSL_aGOST01)
+                if (alg_a & SSL_aGOST01)
                         pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
 
                 pkey_ctx = EVP_PKEY_CTX_new(pk, NULL);