luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nss: delete more NSS references

Browse Source 
Fix the distcheck CI failure and delete more NSS references.

Follow-up to 7c8bae0d9c

Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes #11548
This commit is contained in:
Viktor Szakats 2023-07-30 19:12:52 +00:00
parent 7c8bae0d9c
commit 86eff0b0d5
No known key found for this signature in database
GPG Key ID: B5ABD165E2AEF201
6 changed files with 0 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CMakeLists.txt
View File

@ -52,7 +52,6 @@
# HAVE_RAND_EGD: `RAND_egd` present in OpenSSL # HAVE_RAND_EGD: `RAND_egd` present in OpenSSL
# HAVE_AWSLC: OpenSSL is AWS-LC # HAVE_AWSLC: OpenSSL is AWS-LC
# HAVE_BORINGSSL: OpenSSL is BoringSSL # HAVE_BORINGSSL: OpenSSL is BoringSSL
# HAVE_PK11_CREATEMANAGEDGENERICOBJECTL: `PK11_CreateManagedGenericObject` present in NSS
# HAVE_SSL_CTX_SET_QUIC_METHOD: `SSL_CTX_set_quic_method` present in OpenSSL/wolfSSL # HAVE_SSL_CTX_SET_QUIC_METHOD: `SSL_CTX_set_quic_method` present in OpenSSL/wolfSSL
# HAVE_QUICHE_CONN_SET_QLOG_FD: `quiche_conn_set_qlog_fd` present in QUICHE # HAVE_QUICHE_CONN_SET_QLOG_FD: `quiche_conn_set_qlog_fd` present in QUICHE
# HAVE_ZSTD_CREATEDSTREAM: `ZSTD_createDStream` present in Zstd # HAVE_ZSTD_CREATEDSTREAM: `ZSTD_createDStream` present in Zstd

1
Makefile.am
View File

@ -43,7 +43,6 @@ CMAKE_DIST = \
CMake/FindNGHTTP2.cmake \ CMake/FindNGHTTP2.cmake \
CMake/FindNGHTTP3.cmake \ CMake/FindNGHTTP3.cmake \
CMake/FindNGTCP2.cmake \ CMake/FindNGTCP2.cmake \
CMake/FindNSS.cmake \
CMake/FindQUICHE.cmake \ CMake/FindQUICHE.cmake \
CMake/FindWolfSSL.cmake \ CMake/FindWolfSSL.cmake \
CMake/FindZstd.cmake \ CMake/FindZstd.cmake \

112
docs/CIPHERS.md
View File

@ -165,118 +165,6 @@ When specifying multiple cipher names, separate them with colon (`:`).
`TLS_AES_128_CCM_8_SHA256` `TLS_AES_128_CCM_8_SHA256`
`TLS_AES_128_CCM_SHA256` `TLS_AES_128_CCM_SHA256`
## NSS
### Totally insecure
`rc4`
`rc4-md5`
`rc4export`
`rc2`
`rc2export`
`des`
`desede3`
### SSL3/TLS cipher suites
`rsa_rc4_128_md5`
`rsa_rc4_128_sha`
`rsa_3des_sha`
`rsa_des_sha`
`rsa_rc4_40_md5`
`rsa_rc2_40_md5`
`rsa_null_md5`
`rsa_null_sha`
`fips_3des_sha`
`fips_des_sha`
`fortezza`
`fortezza_rc4_128_sha`
`fortezza_null`
### TLS 1.0 Exportable 56-bit Cipher Suites
`rsa_des_56_sha`
`rsa_rc4_56_sha`
### AES ciphers
`dhe_dss_aes_128_cbc_sha`
`dhe_dss_aes_256_cbc_sha`
`dhe_rsa_aes_128_cbc_sha`
`dhe_rsa_aes_256_cbc_sha`
`rsa_aes_128_sha`
`rsa_aes_256_sha`
### ECC ciphers
`ecdh_ecdsa_null_sha`
`ecdh_ecdsa_rc4_128_sha`
`ecdh_ecdsa_3des_sha`
`ecdh_ecdsa_aes_128_sha`
`ecdh_ecdsa_aes_256_sha`
`ecdhe_ecdsa_null_sha`
`ecdhe_ecdsa_rc4_128_sha`
`ecdhe_ecdsa_3des_sha`
`ecdhe_ecdsa_aes_128_sha`
`ecdhe_ecdsa_aes_256_sha`
`ecdh_rsa_null_sha`
`ecdh_rsa_128_sha`
`ecdh_rsa_3des_sha`
`ecdh_rsa_aes_128_sha`
`ecdh_rsa_aes_256_sha`
`ecdhe_rsa_null`
`ecdhe_rsa_rc4_128_sha`
`ecdhe_rsa_3des_sha`
`ecdhe_rsa_aes_128_sha`
`ecdhe_rsa_aes_256_sha`
`ecdh_anon_null_sha`
`ecdh_anon_rc4_128sha`
`ecdh_anon_3des_sha`
`ecdh_anon_aes_128_sha`
`ecdh_anon_aes_256_sha`
### HMAC-SHA256 cipher suites
`rsa_null_sha_256`
`rsa_aes_128_cbc_sha_256`
`rsa_aes_256_cbc_sha_256`
`dhe_rsa_aes_128_cbc_sha_256`
`dhe_rsa_aes_256_cbc_sha_256`
`ecdhe_ecdsa_aes_128_cbc_sha_256`
`ecdhe_rsa_aes_128_cbc_sha_256`
### AES GCM cipher suites in RFC 5288 and RFC 5289
`rsa_aes_128_gcm_sha_256`
`dhe_rsa_aes_128_gcm_sha_256`
`dhe_dss_aes_128_gcm_sha_256`
`ecdhe_ecdsa_aes_128_gcm_sha_256`
`ecdh_ecdsa_aes_128_gcm_sha_256`
`ecdhe_rsa_aes_128_gcm_sha_256`
`ecdh_rsa_aes_128_gcm_sha_256`
### cipher suites using SHA384
`rsa_aes_256_gcm_sha_384`
`dhe_rsa_aes_256_gcm_sha_384`
`dhe_dss_aes_256_gcm_sha_384`
`ecdhe_ecdsa_aes_256_sha_384`
`ecdhe_rsa_aes_256_sha_384`
`ecdhe_ecdsa_aes_256_gcm_sha_384`
`ecdhe_rsa_aes_256_gcm_sha_384`
### chacha20-poly1305 cipher suites
`ecdhe_rsa_chacha20_poly1305_sha_256`
`ecdhe_ecdsa_chacha20_poly1305_sha_256`
`dhe_rsa_chacha20_poly1305_sha_256`
### TLS 1.3 cipher suites
`aes_128_gcm_sha_256`
`aes_256_gcm_sha_384`
`chacha20_poly1305_sha_256`
## GSKit ## GSKit
Ciphers are internally defined as [numeric Ciphers are internally defined as [numeric

3
docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3
View File

@ -84,9 +84,6 @@ a TLS extension that sends the hostname to the server. The server may use that
information to do such things as sending back a specific certificate for the information to do such things as sending back a specific certificate for the
hostname, or forwarding the request to a specific origin server. Some hostnames hostname, or forwarding the request to a specific origin server. Some hostnames
may be inaccessible if SNI is not sent. may be inaccessible if SNI is not sent.
NSS: If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero,
\fICURLOPT_SSL_VERIFYHOST(3)\fP is also set to zero and cannot be overridden.
.SH DEFAULT .SH DEFAULT
2 2
.SH PROTOCOLS .SH PROTOCOLS

3
lib/curl_config.h.cmake
View File

@ -688,9 +688,6 @@ ${SIZEOF_TIME_T_CODE}
/* If you want to build curl with the built-in manual */ /* If you want to build curl with the built-in manual */
#cmakedefine USE_MANUAL 1 #cmakedefine USE_MANUAL 1
/* if you have the PK11_CreateManagedGenericObject function */
#cmakedefine HAVE_PK11_CREATEMANAGEDGENERICOBJECT 1
/* if you want to use OpenLDAP code instead of legacy ldap implementation */ /* if you want to use OpenLDAP code instead of legacy ldap implementation */
#cmakedefine USE_OPENLDAP 1 #cmakedefine USE_OPENLDAP 1

1
tests/data/test1470
View File

@ -35,7 +35,6 @@ Funny-head: yesyes
<features> <features>
proxy proxy
unix-sockets unix-sockets
!NSS
</features> </features>
<server> <server>
https https