Remove support for OpenSSL without ECC.

As OpenSSL >= 1.0.0 is now required, ECDHE is now mandatory. The group has to be validated at runtime, because of RedHat lawyers (P224 support is entirely missing in the OpenSSL RPM, but P256 is present and is the default). Resolves ticket #16140.
author: Yawning Angel <yawning@schwanenlied.me> 2015-05-21 17:07:30 +0000
committer: Yawning Angel <yawning@schwanenlied.me> 2015-05-21 17:07:30 +0000
commit: 452cebc4a41bdba41d4a8ce3c16e73d585bb53f4 (patch)
tree: 90145e18db15b67bdaf7e47a771c51014ec54ba7 /changes
parent: 0b7bf3585a378bca4fc5bb551af3c37d517fdf28 (diff)
download: tor-452cebc4a41bdba41d4a8ce3c16e73d585bb53f4.tar.gz
tor-452cebc4a41bdba41d4a8ce3c16e73d585bb53f4.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/changes/ticket16140 b/changes/ticket16140
new file mode 100644
index 0000000000..00c19f1778
--- /dev/null
+++ b/changes/ticket16140
@@ -0,0 +1,6 @@
+  o Removed features:
+
+    - Tor no longer supports copies of OpenSSL that are missing support for
+      Elliptic Curve Cryptography.  In particular support for at least one of
+      P256 or P224 is now required, with manual configuration needed if only
+      P224 is available.
author	Yawning Angel <yawning@schwanenlied.me>	2015-05-21 17:07:30 +0000
committer	Yawning Angel <yawning@schwanenlied.me>	2015-05-21 17:07:30 +0000
commit	452cebc4a41bdba41d4a8ce3c16e73d585bb53f4 (patch)
tree	90145e18db15b67bdaf7e47a771c51014ec54ba7 /changes
parent	0b7bf3585a378bca4fc5bb551af3c37d517fdf28 (diff)
download	tor-452cebc4a41bdba41d4a8ce3c16e73d585bb53f4.tar.gz tor-452cebc4a41bdba41d4a8ce3c16e73d585bb53f4.zip