authorPhilip Guenther <guenther@cvs.openbsd.org>2014-04-16 15:10:08 +0000
committerPhilip Guenther <guenther@cvs.openbsd.org>2014-04-16 15:10:08 +0000
commitc263c05c147f4e7fa9e7f79611a8814ae8ed855c (patch)
tree5f9b218644da6503a9e765136f55ee757535cf3a /lib/libssl/ssl_locl.h
parent4f3b084c98780fc3d3770bfc88c3c63e9016bf43 (diff)
Kill the bogus "send an SSLv3/TLS hello in SSLv2 format" crap from
the SSLv23_* client code. The server continues to accept it. It also kills the bits for SSL2 SESSIONs; even when the server gets an SSLv2-style compat handshake, the session that it creates has the correct version internally. ok tedu@ beck@
Diffstat (limited to 'lib/libssl/ssl_locl.h')
-rw-r--r--lib/libssl/ssl_locl.h39
1 files changed, 1 insertions, 38 deletions
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 203a47480f8..e9c3a6bcd85 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -521,7 +521,7 @@ typedef struct cert_st {
typedef struct sess_cert_st {
- STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
+ STACK_OF(X509) *cert_chain; /* as received from peer */
/* The 'peer_...' members are used only by clients. */
int peer_cert_type;
@@ -731,43 +731,6 @@ const SSL_METHOD *func_name(void) \
return &func_name##_data; \
}
-#define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void) \
- { \
- static const SSL_METHOD func_name##_data= { \
- SSL2_VERSION, \
- ssl2_new, /* local */ \
- ssl2_clear, /* local */ \
- ssl2_free, /* local */ \
- s_accept, \
- s_connect, \
- ssl2_read, \
- ssl2_peek, \
- ssl2_write, \
- ssl2_shutdown, \
- ssl_ok, /* NULL - renegotiate */ \
- ssl_ok, /* NULL - check renegotiate */ \
- NULL, /* NULL - ssl_get_message */ \
- NULL, /* NULL - ssl_get_record */ \
- NULL, /* NULL - ssl_write_bytes */ \
- NULL, /* NULL - dispatch_alert */ \
- ssl2_ctrl, /* local */ \
- ssl2_ctx_ctrl, /* local */ \
- ssl2_get_cipher_by_char, \
- ssl2_put_cipher_by_char, \
- ssl2_pending, \
- ssl2_num_ciphers, \
- ssl2_get_cipher, \
- s_get_meth, \
- ssl2_default_timeout, \
- &ssl3_undef_enc_method, \
- ssl_undefined_void_function, \
- ssl2_callback_ctrl, /* local */ \
- ssl2_ctx_callback_ctrl, /* local */ \
- }; \
- return &func_name##_data; \
- }
-
#define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \
const SSL_METHOD *func_name(void) \
{ \