From 9e01a2b9fc249398f995e0d00bee55d7e3c31be0 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Thu, 24 Jan 2019 00:07:58 +0000
Subject: Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is
 deprecated. Remove GOST based sigalgs from TLS 1.2 since they don't work with
 TLS 1.2. ok jsing@

---
 src/lib/libssl/ssl_sigalgs.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

(limited to 'src/lib/libssl')

diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c
index 76cb441b07..fdea93e1b0 100644
--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.15 2019/01/23 23:47:13 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.16 2019/01/24 00:07:58 beck Exp $ */
 /*
  * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
  *
@@ -182,17 +182,12 @@ uint16_t tls12_sigalgs[] = {
 	SIGALG_RSA_PSS_RSAE_SHA512,
 	SIGALG_RSA_PKCS1_SHA512,
 	SIGALG_ECDSA_SECP521R1_SHA512,
-	SIGALG_GOSTR12_512_STREEBOG_512,
 	SIGALG_RSA_PSS_RSAE_SHA384,
 	SIGALG_RSA_PKCS1_SHA384,
 	SIGALG_ECDSA_SECP384R1_SHA384,
 	SIGALG_RSA_PSS_RSAE_SHA256,
 	SIGALG_RSA_PKCS1_SHA256,
 	SIGALG_ECDSA_SECP256R1_SHA256,
-	SIGALG_GOSTR12_256_STREEBOG_256,
-	SIGALG_GOSTR01_GOST94,
-	SIGALG_RSA_PKCS1_SHA224,
-	SIGALG_ECDSA_SECP224R1_SHA224,
 	SIGALG_RSA_PKCS1_SHA1, /* XXX */
 	SIGALG_ECDSA_SHA1,     /* XXX */
 };
-- 
cgit v1.2.3-55-g6feb