[openssl-commits] [openssl] master update

[Matt Caswell]

The branch master has been updated
       via  7731e619fba2f9ea1e888bf906289be37c52e6ac (commit)
      from  01985122ae2b144cdd3a2061640e76bff491dc7f (commit)


- Log -----------------------------------------------------------------
commit 7731e619fba2f9ea1e888bf906289be37c52e6ac
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Mar 15 08:45:22 2018 +0000

    Fix no-chacha and no-poly1305
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/5623)

-----------------------------------------------------------------------

Summary of changes:
 include/openssl/ssl.h | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 0679ada..bb64fe0 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -173,9 +173,14 @@ extern "C" {
  */
 # define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL"
 /* This is the default set of TLSv1.3 ciphersuites */
-# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
-                                  "TLS_CHACHA20_POLY1305_SHA256:" \
-                                  "TLS_AES_128_GCM_SHA256"
+# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+#  define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
+                                   "TLS_CHACHA20_POLY1305_SHA256:" \
+                                   "TLS_AES_128_GCM_SHA256"
+# else
+#  define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
+                                   "TLS_AES_128_GCM_SHA256"
+#endif
 /*
  * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
  * starts with a reasonable order, and all we have to do for DEFAULT is