Commit 71cff963 authored by Matt Caswell's avatar Matt Caswell
Browse files

Fix no-chacha and no-poly1305 



Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5287)
parent b53fdad0

test/cipherlist_test.c

+3 −1
Original line number Diff line number Diff line
@@ -72,7 +72,7 @@ static const uint32_t default_ciphers_in_order[] = { 
    TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,

# endif



# if !defined OPENSSL_NO_CHACHA && !defined OPENSSL_NO_POLY1305

# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)

#  ifndef OPENSSL_NO_EC

    TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,

    TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
@@ -126,7 +126,9 @@ static const uint32_t default_ciphers_in_order[] = { 
#endif

#ifndef OPENSSL_NO_TLS1_3

    TLS1_3_CK_AES_256_GCM_SHA384,

# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)

    TLS1_3_CK_CHACHA20_POLY1305_SHA256,

# endif

    TLS1_3_CK_AES_128_GCM_SHA256,

#endif

#ifndef OPENSSL_NO_TLS1_2

test/sslapitest.c

+2 −0
Original line number Diff line number Diff line
@@ -2332,6 +2332,7 @@ static int test_ciphersuite_change(void) 
    SSL_free(clientssl);

    serverssl = clientssl = NULL;



# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)

    /* Check we can resume a session with a different SHA-256 ciphersuite */

    if (!TEST_true(SSL_CTX_set_cipher_list(cctx,

                                           "TLS13-CHACHA20-POLY1305-SHA256"))
@@ -2350,6 +2351,7 @@ static int test_ciphersuite_change(void) 
    SSL_free(serverssl);

    SSL_free(clientssl);

    serverssl = clientssl = NULL;

# endif



    /*

     * Check attempting to resume a SHA-256 session with no SHA-256 ciphersuites