Dead code removal: Fortezza identifiers

Not interested in helping the NSA in the slightest. And anyway, it was never implemented, #if'd out. Reviewed-by: N Richard Levitte <levitte@openssl.org>

Dead code removal: Fortezza identifiers
Not interested in helping the NSA in the slightest. And anyway, it was never implemented, #if'd out. Reviewed-by: N Richard Levitte <levitte@openssl.org>
646e8c1d · Rich Salz · 1a5adcfb · 646e8c1d · 646e8c1d · 646e8c1d
隐藏空白更改
内联并排

Showing with 0 addition and 61 deletion

doc/apps/ciphers.pod doc/apps/ciphers.pod +0 -5

ssl/s3_lib.c ssl/s3_lib.c +0 -51

ssl/ssl.h ssl/ssl.h +0 -5

未找到文件。
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -246,11 +246,6 @@ carry ECDH keys.
 cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA
 keys.

-=item B<kFZA>, B<aFZA>, B<eFZA>, B<FZA>
-
-ciphers suites using FORTEZZA key exchange, authentication, encryption or all
-FORTEZZA algorithms. Not implemented.
-
 =item B<TLSv1.2>, B<TLSv1>, B<SSLv3>

 TLS v1.2, TLS v1.0 or SSL v3.0 cipher suites respectively. Note:

--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -601,57 +601,6 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
     168,
     },

-/* Fortezza ciphersuite from SSL 3.0 spec */
-#if 0
-/* Cipher 1C */
-    {
-     0,
-     SSL3_TXT_FZA_DMS_NULL_SHA,
-     SSL3_CK_FZA_DMS_NULL_SHA,
-     SSL_kFZA,
-     SSL_aFZA,
-     SSL_eNULL,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_STRONG_NONE,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-/* Cipher 1D */
-    {
-     0,
-     SSL3_TXT_FZA_DMS_FZA_SHA,
-     SSL3_CK_FZA_DMS_FZA_SHA,
-     SSL_kFZA,
-     SSL_aFZA,
-     SSL_eFZA,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_STRONG_NONE,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-/* Cipher 1E */
-    {
-     0,
-     SSL3_TXT_FZA_DMS_RC4_SHA,
-     SSL3_CK_FZA_DMS_RC4_SHA,
-     SSL_kFZA,
-     SSL_aFZA,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-#endif
-
 #ifndef OPENSSL_NO_KRB5
 /* The Kerberos ciphers*/
 /* Cipher 1E */

--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -218,11 +218,6 @@ extern "C" {
 # define SSL_TXT_HIGH            "HIGH"
 # define SSL_TXT_FIPS            "FIPS"

-# define SSL_TXT_kFZA            "kFZA"/* unused! */
-# define SSL_TXT_aFZA            "aFZA"/* unused! */
-# define SSL_TXT_eFZA            "eFZA"/* unused! */
-# define SSL_TXT_FZA             "FZA"/* unused! */
-
 # define SSL_TXT_aNULL           "aNULL"
 # define SSL_TXT_eNULL           "eNULL"
 # define SSL_TXT_NULL            "NULL"