Remove MBEDTLS_ENABLE_WEAK_CIPHERSUITES configuration option
Fix 4416
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index dabbb28..48d3052 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -659,8 +659,7 @@
* Warning: Only do so when you know what you are doing. This allows for
* encryption or channels without any security!
*
- * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
- * the following ciphersuites:
+ * To enable the following ciphersuites:
* MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
* MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
* MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
@@ -709,20 +708,6 @@
//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
/**
- * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
- *
- * Enable weak ciphersuites in SSL / TLS.
- * Warning: Only do so when you know what you are doing. This allows for
- * channels with virtually no security at all!
- *
- * Uncomment this macro to enable weak ciphersuites
- *
- * \warning DES is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
-//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
-
-/**
* \def MBEDTLS_REMOVE_3DES_CIPHERSUITES
*
* Remove 3DES ciphersuites by default in SSL / TLS.