GOST R 34.10-94 is an obsolete certificate type, unsupported by
LibreSSL and by the rest of current software, so there is no point in
sending in the CertificateTypes. Drop it.
Sponsored by ROSA Linux
Signed-off-by: Dmitry Baryshkov <dbarysh...@gmail.com>
---
src/lib/libssl/s3_lib.c | 2 --
src/lib/libssl/tls1.h | 1 -
2 files changed, 3 deletions(-)
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index dfd5893a2fa7..f71995632040 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -2549,8 +2549,6 @@ ssl3_get_req_cert_types(SSL *s, CBB *cbb)
#ifndef OPENSSL_NO_GOST
if ((alg_k & SSL_kGOST) != 0) {
- if (!CBB_add_u8(cbb, TLS_CT_GOST94_SIGN))
- return 0;
if (!CBB_add_u8(cbb, TLS_CT_GOST01_SIGN))
return 0;
if (!CBB_add_u8(cbb, TLS_CT_GOST12_256_SIGN))
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index 2230f0bab8b9..26dca0803434 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -738,7 +738,6 @@
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS_CT_ECDSA_SIGN 64
#define TLS_CT_RSA_FIXED_ECDH 65
#define TLS_CT_ECDSA_FIXED_ECDH 66
-#define TLS_CT_GOST94_SIGN 21
#define TLS_CT_GOST01_SIGN 22
#define TLS_CT_GOST12_256_SIGN 238 /* FIXME: IANA */
#define TLS_CT_GOST12_512_SIGN 239 /* FIXME: IANA */
--
2.25.1
