From e0892f5cadc07677b7b04f03c62f184ae0ea4fa5 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Fri, 5 Jun 2020 17:58:32 +0000 Subject: [PATCH 15/87] Stop sending GOST R 34.10-94 as a CertificateType. GOST R 34.10-94 is an obsolete certificate type, unsupported by LibreSSL and by the rest of current software, so there is no point in sending in the CertificateTypes. Diff from Dmitry Baryshkov Sponsored by ROSA Linux ok inoguchi@ tb@ --- src/lib/libssl/s3_lib.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index afc798bed..f98ec3e09 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.193 2020/05/10 14:17:47 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.194 2020/06/05 17:58:32 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2547,8 +2547,6 @@ ssl3_get_req_cert_types(SSL *s, CBB *cbb) #ifndef OPENSSL_NO_GOST if ((alg_k & SSL_kGOST) != 0) { - if (!CBB_add_u8(cbb, TLS_CT_GOST94_SIGN)) - return 0; if (!CBB_add_u8(cbb, TLS_CT_GOST01_SIGN)) return 0; if (!CBB_add_u8(cbb, TLS_CT_GOST12_256_SIGN)) -- 2.17.1