From 0d4deb2be14e6590f332920f62b84ef04d153ed1 Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@google.com>
Date: Tue, 2 Jun 2015 13:27:06 -0700
Subject: Disable 0xcafe cipher suite (PSK with AES-GCM).

This is a non-standard cipher suite that's not used in the Android
system.

Bug: 21522548
Change-Id: I07a2783965e9e891473327c9039583b4f89e9f27
---
 src/ssl/s3_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl/s3_lib.c b/src/ssl/s3_lib.c
index 13a4a19..92c923e 100644
--- a/src/ssl/s3_lib.c
+++ b/src/ssl/s3_lib.c
@@ -443,6 +443,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
     /* ECDH PSK ciphersuites */
 
     /* Cipher CAFE */
+#if !defined(ANDROID)
     {
      TLS1_TXT_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
      TLS1_CK_ECDHE_PSK_WITH_AES_128_GCM_SHA256, SSL_kECDHE, SSL_aPSK,
@@ -452,7 +453,6 @@ const SSL_CIPHER ssl3_ciphers[] = {
      128, 128,
     },
 
-#if !defined(ANDROID)
     {
      TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
      TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, SSL_kECDHE, SSL_aRSA,
-- 
cgit v1.1