diff options
| -rwxr-xr-x | configure.ac | 1 | ||||
| -rw-r--r-- | lib/vtls/cyassl.c | 21 |
2 files changed, 1 insertions, 21 deletions
diff --git a/configure.ac b/configure.ac index 462ed8134..1fc9d34d5 100755 --- a/configure.ac +++ b/configure.ac @@ -2384,7 +2384,6 @@ if test -z "$ssl_backends" -o "x$OPT_CYASSL" != xno; then dnl Recent WolfSSL versions build without SSLv3 by default dnl WolfSSL needs configure --enable-opensslextra to have *get_peer* AC_CHECK_FUNCS(wolfSSLv3_client_method \ - wolfSSL_CTX_UseSupportedCurve \ wolfSSL_get_peer_certificate \ wolfSSL_UseALPN) else diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index ea96cf65e..c7a3268ef 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -67,15 +67,6 @@ and that's a problem since options.h hasn't been included yet. */ #endif #endif -/* HAVE_SUPPORTED_CURVES is wolfSSL's build time symbol for enabling the ECC - supported curve extension in options.h. Note ECC is enabled separately. */ -#ifndef HAVE_SUPPORTED_CURVES -#if defined(HAVE_CYASSL_CTX_USESUPPORTEDCURVE) || \ - defined(HAVE_WOLFSSL_CTX_USESUPPORTEDCURVE) -#define HAVE_SUPPORTED_CURVES -#endif -#endif - #include <limits.h> #include "urldata.h" @@ -364,16 +355,6 @@ cyassl_connect_step1(struct connectdata *conn, } #endif -#ifdef HAVE_SUPPORTED_CURVES - /* CyaSSL/wolfSSL does not send the supported ECC curves ext automatically: - https://github.com/wolfSSL/wolfssl/issues/366 - The supported curves below are those also supported by OpenSSL 1.0.2 and - in the same order. */ - CyaSSL_CTX_UseSupportedCurve(BACKEND->ctx, 0x17); /* secp256r1 */ - CyaSSL_CTX_UseSupportedCurve(BACKEND->ctx, 0x19); /* secp521r1 */ - CyaSSL_CTX_UseSupportedCurve(BACKEND->ctx, 0x18); /* secp384r1 */ -#endif - /* give application a chance to interfere with SSL set up. */ if(data->set.ssl.fsslctx) { CURLcode result = CURLE_OK; |