提交 646e8c1d 编写于 作者: R Rich Salz

Dead code removal: Fortezza identifiers

Not interested in helping the NSA in the slightest.
And anyway, it was never implemented, #if'd out.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
上级 1a5adcfb
...@@ -246,11 +246,6 @@ carry ECDH keys. ...@@ -246,11 +246,6 @@ carry ECDH keys.
cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA
keys. keys.
=item B<kFZA>, B<aFZA>, B<eFZA>, B<FZA>
ciphers suites using FORTEZZA key exchange, authentication, encryption or all
FORTEZZA algorithms. Not implemented.
=item B<TLSv1.2>, B<TLSv1>, B<SSLv3> =item B<TLSv1.2>, B<TLSv1>, B<SSLv3>
TLS v1.2, TLS v1.0 or SSL v3.0 cipher suites respectively. Note: TLS v1.2, TLS v1.0 or SSL v3.0 cipher suites respectively. Note:
......
...@@ -601,57 +601,6 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = { ...@@ -601,57 +601,6 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
168, 168,
}, },
/* Fortezza ciphersuite from SSL 3.0 spec */
#if 0
/* Cipher 1C */
{
0,
SSL3_TXT_FZA_DMS_NULL_SHA,
SSL3_CK_FZA_DMS_NULL_SHA,
SSL_kFZA,
SSL_aFZA,
SSL_eNULL,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
},
/* Cipher 1D */
{
0,
SSL3_TXT_FZA_DMS_FZA_SHA,
SSL3_CK_FZA_DMS_FZA_SHA,
SSL_kFZA,
SSL_aFZA,
SSL_eFZA,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
0,
0,
},
/* Cipher 1E */
{
0,
SSL3_TXT_FZA_DMS_RC4_SHA,
SSL3_CK_FZA_DMS_RC4_SHA,
SSL_kFZA,
SSL_aFZA,
SSL_RC4,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
},
#endif
#ifndef OPENSSL_NO_KRB5 #ifndef OPENSSL_NO_KRB5
/* The Kerberos ciphers*/ /* The Kerberos ciphers*/
/* Cipher 1E */ /* Cipher 1E */
......
...@@ -218,11 +218,6 @@ extern "C" { ...@@ -218,11 +218,6 @@ extern "C" {
# define SSL_TXT_HIGH "HIGH" # define SSL_TXT_HIGH "HIGH"
# define SSL_TXT_FIPS "FIPS" # define SSL_TXT_FIPS "FIPS"
# define SSL_TXT_kFZA "kFZA"/* unused! */
# define SSL_TXT_aFZA "aFZA"/* unused! */
# define SSL_TXT_eFZA "eFZA"/* unused! */
# define SSL_TXT_FZA "FZA"/* unused! */
# define SSL_TXT_aNULL "aNULL" # define SSL_TXT_aNULL "aNULL"
# define SSL_TXT_eNULL "eNULL" # define SSL_TXT_eNULL "eNULL"
# define SSL_TXT_NULL "NULL" # define SSL_TXT_NULL "NULL"
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册