diff options
| author | Matt Caswell <matt@openssl.org> | 2018-03-15 09:45:22 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2018-03-15 14:40:51 +0100 |
| commit | 7731e619fba2f9ea1e888bf906289be37c52e6ac (patch) | |
| tree | f83b61eec6ce2d11db11f53f4893d1c4a6df711a /include | |
| parent | Fix a memory leak in the ca application (diff) | |
| download | openssl-7731e619fba2f9ea1e888bf906289be37c52e6ac.tar.xz openssl-7731e619fba2f9ea1e888bf906289be37c52e6ac.zip | |
Fix no-chacha and no-poly1305
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5623)
Diffstat (limited to 'include')
| -rw-r--r-- | include/openssl/ssl.h | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 0679ada3de..bb64fe04e8 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -173,9 +173,14 @@ extern "C" { */ # define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" /* This is the default set of TLSv1.3 ciphersuites */ -# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \ - "TLS_CHACHA20_POLY1305_SHA256:" \ - "TLS_AES_128_GCM_SHA256" +# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) +# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \ + "TLS_CHACHA20_POLY1305_SHA256:" \ + "TLS_AES_128_GCM_SHA256" +# else +# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \ + "TLS_AES_128_GCM_SHA256" +#endif /* * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always * starts with a reasonable order, and all we have to do for DEFAULT is |