GOST R 34.10-94 is an obsolete certificate type, unsupported by LibreSSL and by the rest of current software, so there is no point in sending in the CertificateTypes. Drop it.
Sponsored by ROSA Linux Signed-off-by: Dmitry Baryshkov <dbarysh...@gmail.com> --- src/lib/libssl/s3_lib.c | 2 -- src/lib/libssl/tls1.h | 1 - 2 files changed, 3 deletions(-) diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index dfd5893a2fa7..f71995632040 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c @@ -2549,8 +2549,6 @@ ssl3_get_req_cert_types(SSL *s, CBB *cbb) #ifndef OPENSSL_NO_GOST if ((alg_k & SSL_kGOST) != 0) { - if (!CBB_add_u8(cbb, TLS_CT_GOST94_SIGN)) - return 0; if (!CBB_add_u8(cbb, TLS_CT_GOST01_SIGN)) return 0; if (!CBB_add_u8(cbb, TLS_CT_GOST12_256_SIGN)) diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h index 2230f0bab8b9..26dca0803434 100644 --- a/src/lib/libssl/tls1.h +++ b/src/lib/libssl/tls1.h @@ -738,7 +738,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS_CT_ECDSA_SIGN 64 #define TLS_CT_RSA_FIXED_ECDH 65 #define TLS_CT_ECDSA_FIXED_ECDH 66 -#define TLS_CT_GOST94_SIGN 21 #define TLS_CT_GOST01_SIGN 22 #define TLS_CT_GOST12_256_SIGN 238 /* FIXME: IANA */ #define TLS_CT_GOST12_512_SIGN 239 /* FIXME: IANA */ -- 2.25.1