SSL Improper ciphers on this site

I fixed the issue, the Intel patch was forcing to use CHACHA20 only if it was client's most preferred cipher (Android 5.0.0). Removing that conditional reverted everything to normal cipher use behavior.
SSL Server Test: axivo.com (Powered by Qualys SSL Labs)

BTW, the CHACHA/POLY source code you linked above is deprecated (was released by Adam Langley in 2013), I recommend you to look at BoringSSL code for a proper implementation.

---

 

Take a look at Intel patches, for a proper implementation of CHACHA/POLY in OpenSSL. I used portions of Vlad's code on AXIVO release, Take a look at this thread, for recent Intel's enhancements:
Login

 

RHEL6 on a fairly old processor:

Code:

[root@apollo ~]# dmidecode -t processor
# dmidecode 2.12
SMBIOS 2.5 present.

Handle 0x0004, DMI type 4, 40 bytes
Processor Information
    Socket Designation: CPU 1
    Type: Central Processor
    Family: Core i7
    Manufacturer: Intel           
    ID: A5 06 01 00 FF FB EB BF
    Signature: Type 0, Family 6, Model 26, Stepping 5
    Flags:
        FPU (Floating-point unit on-chip)
        VME (Virtual mode extension)
        DE (Debugging extension)
        PSE (Page size extension)
        TSC (Time stamp counter)
        MSR (Model specific registers)
        PAE (Physical address extension)
        MCE (Machine check exception)
        CX8 (CMPXCHG8 instruction supported)
        APIC (On-chip APIC hardware supported)
        SEP (Fast system call)
        MTRR (Memory type range registers)
        PGE (Page global enable)
        MCA (Machine check architecture)
        CMOV (Conditional move instruction supported)
        PAT (Page attribute table)
        PSE-36 (36-bit page size extension)
        CLFSH (CLFLUSH instruction supported)
        DS (Debug store)
        ACPI (ACPI supported)
        MMX (MMX technology supported)
        FXSR (FXSAVE and FXSTOR instructions supported)
        SSE (Streaming SIMD extensions)
        SSE2 (Streaming SIMD extensions 2)
        SS (Self-snoop)
        HTT (Multi-threading)
        TM (Thermal monitor supported)
        PBE (Pending break enabled)
    Version: Intel(R) Core(TM) i7 CPU         920  @ 2.67GHz   
    Voltage: Unknown
    External Clock: 133 MHz
    Max Speed: 2666 MHz
    Current Speed: 2666 MHz
    Status: Populated, Enabled
    Upgrade: Other
    L1 Cache Handle: 0x0005
    L2 Cache Handle: 0x0006
    L3 Cache Handle: 0x0007
    Serial Number: To Be Filled By O.E.M.
    Asset Tag: To Be Filled By O.E.M.
    Part Number: To Be Filled By O.E.M.
    Core Count: 4
    Core Enabled: 4
    Thread Count: 8
    Characteristics:
        64-bit capable

[root@apollo ~]# openssl speed chacha20-poly1305 -multi 8
Forked child 0
Forked child 1
+DT:chacha20-poly1305:3:16
Forked child 2
Forked child 3
+DT:chacha20-poly1305:3:16
+DT:chacha20-poly1305:3:16
Forked child 4
+DT:chacha20-poly1305:3:16
Forked child 5
+DT:chacha20-poly1305:3:16
Forked child 6
Forked child 7
+DT:chacha20-poly1305:3:16
+DT:chacha20-poly1305:3:16
+DT:chacha20-poly1305:3:16
+R:1983454:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:64
+R:1983052:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:64
+R:1985380:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:64
+R:1984584:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:64
+R:1983558:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:64
+R:1982396:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:64
+R:1986482:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:64
+R:1984387:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:64
+R:1778853:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:256
+R:1779222:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:256
+R:1774976:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:256
+R:1778170:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:256
+R:1778895:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:256
+R:1778783:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:256
+R:1775181:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:256
+R:1778115:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:256
+R:708226:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:1024
+R:707365:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:1024
+R:707684:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:1024
+R:708672:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:1024
+R:708202:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:1024
+R:707209:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:1024
+R:708234:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:1024
+R:708640:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:1024
+R:245667:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:8192
+R:244265:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:8192
+R:245648:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:8192
+R:246129:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:8192
+R:245677:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:8192
+R:244206:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:8192
+R:245783:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:8192
+R:246115:chacha20-poly1305:3.000000
+DT:chacha20-poly1305:3:8192
+R:34430:chacha20-poly1305:3.000000
+R:34508:chacha20-poly1305:3.000000
+R:34474:chacha20-poly1305:3.000000
+R:34569:chacha20-poly1305:3.000000
+R:34433:chacha20-poly1305:3.000000
+R:34499:chacha20-poly1305:3.000000
Got: +H:16:64:256:1024:8192 from 0
Got: +F:30:chacha20-poly1305:10578421.33:37948864.00:60435285.33:83854336.00:94016853.33 from 0
+R:34612:chacha20-poly1305:3.000000
+R:34683:chacha20-poly1305:3.000000
Got: +H:16:64:256:1024:8192 from 1
Got: +F:30:chacha20-poly1305:10576277.33:37956736.00:60361813.33:83375786.67:94229845.33 from 1
Got: +H:16:64:256:1024:8192 from 2
Got: +F:30:chacha20-poly1305:10588693.33:37866154.67:60389034.67:83847850.67:94137002.67 from 2
Got: +H:16:64:256:1024:8192 from 3
Got: +F:30:chacha20-poly1305:10584448.00:37934293.33:60473344.00:84012032.00:94396416.00 from 3
Got: +H:16:64:256:1024:8192 from 4
Got: +F:30:chacha20-poly1305:10578976.00:37949760.00:60433237.33:83857749.33:94025045.33 from 4
Got: +H:16:64:256:1024:8192 from 5
Got: +F:30:chacha20-poly1305:10572778.67:37947370.67:60348501.33:83355648.00:94205269.33 from 5
Got: +H:16:64:256:1024:8192 from 6
Got: +F:30:chacha20-poly1305:10594570.67:37870528.00:60435968.00:83893930.67:94513834.67 from 6
Got: +H:16:64:256:1024:8192 from 7
Got: +F:30:chacha20-poly1305:10583397.33:37933120.00:60470613.33:84007253.33:94707712.00 from 7
OpenSSL 1.0.2a-fips 19 Mar 2015
built on: reproducible build, date unspecified
options:bn(64,64) md2(int) rc4(16x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DL_ENDIAN -Wall -O3 -g -mmmx -msse3 -mfpmath=sse -Wa,--noexecstack -fomit-frame-pointer -DPURIFY -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DCHAPOLY_x86_64_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
chacha20-poly1305    84657.56k   303406.83k   483347.80k   670204.59k   754231.98k

 

I run my online site on one of their really old OVH servers, KS2. You want stats on that?