Remove GOST and STREEBOG support from libssl.

This version of GOST is old and not anywhere close to compliant with
modern GOST standards. It is also very intrusive in libssl and
makes a mess everywhere.  Efforts to entice a suitably minded anyone
to care about it have been unsuccessful.

At this point it is probably best to remove this, and if someone
ever showed up who truly needed a working version, it should be
a clean implementation from scratch, and have it use something
closer to the typical API in libcrypto so it would integrate less
painfully here.

This removes it from libssl in preparation for it's removal from
libcrypto with a future major bump

ok tb@

1 files changed, 2 insertions, 8 deletions

diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index 2bdbd3c184..daf6cba6fa 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.56 2022/07/17 14:39:09 jsing Exp $ */
+/* $OpenBSD: tls1.h,v 1.57 2024/02/03 15:58:34 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -741,18 +741,12 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS_CT_DSS_SIGN                 2
 #define TLS_CT_RSA_FIXED_DH             3
 #define TLS_CT_DSS_FIXED_DH             4
-#define TLS_CT_GOST94_SIGN              21
-#define TLS_CT_GOST01_SIGN              22
 #define TLS_CT_ECDSA_SIGN               64
 #define TLS_CT_RSA_FIXED_ECDH           65
 #define TLS_CT_ECDSA_FIXED_ECDH         66
-#define TLS_CT_GOST12_256_SIGN          67
-#define TLS_CT_GOST12_512_SIGN          68
-#define TLS_CT_GOST12_256_SIGN_COMPAT   238 /* pre-IANA, for compat */
-#define TLS_CT_GOST12_512_SIGN_COMPAT   239 /* pre-IANA, for compat */
 /* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
  * comment there) */
-#define TLS_CT_NUMBER                   13
+#define TLS_CT_NUMBER                   7
 
 #define TLS1_FINISH_MAC_LENGTH          12