diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-06-18 14:35:57 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-19 08:21:07 +0200 |
| commit | 15798859fcf1906b61902dd13f8667791b1ffc24 (patch) | |
| tree | f49a8c3a01c67ffce6a2be74ebf1f7f808856371 | |
| parent | 567eb36bc8d1f6485f236eb35972b06a23bce2ec (diff) | |
| download | gnutls-15798859fcf1906b61902dd13f8667791b1ffc24.tar.gz | |
NORMAL priority: no longer enable the smaller curves by default
They are not widely enabled by web servers, and they provide no
advantage over X25519.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| -rw-r--r-- | lib/priority.c | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/lib/priority.c b/lib/priority.c index 6a7d32de50..3d99e69b22 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -109,10 +109,6 @@ static const int _supported_ecc_normal[] = { GNUTLS_ECC_CURVE_SECP384R1, GNUTLS_ECC_CURVE_SECP521R1, GNUTLS_ECC_CURVE_X25519, /* draft-ietf-tls-rfc4492bis */ -#ifdef ENABLE_NON_SUITEB_CURVES - GNUTLS_ECC_CURVE_SECP224R1, - GNUTLS_ECC_CURVE_SECP192R1, -#endif 0 }; static const int* supported_ecc_normal = _supported_ecc_normal; |