diff options
Diffstat (limited to 'lib/libssl/s3_clnt.c')
| -rw-r--r-- | lib/libssl/s3_clnt.c | 72 |
1 files changed, 2 insertions, 70 deletions
diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c index 61de494244e..079544da846 100644 --- a/lib/libssl/s3_clnt.c +++ b/lib/libssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.73 2014/07/09 11:25:42 jsing Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.74 2014/07/10 08:51:14 tedu Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -472,15 +472,6 @@ ssl3_connect(SSL *s) s->init_num = 0; s->session->cipher = s->s3->tmp.new_cipher; -#ifdef OPENSSL_NO_COMP - s->session->compress_meth = 0; -#else - if (s->s3->tmp.new_compression == NULL) - s->session->compress_meth = 0; - else - s->session->compress_meth = - s->s3->tmp.new_compression->id; -#endif if (!s->method->ssl3_enc->setup_key_block(s)) { ret = -1; goto end; @@ -656,10 +647,6 @@ ssl3_client_hello(SSL *s) unsigned char *p, *d; int i; unsigned long l; -#ifndef OPENSSL_NO_COMP - int j; - SSL_COMP *comp; -#endif buf = (unsigned char *)s->init_buf->data; if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { @@ -752,22 +739,8 @@ ssl3_client_hello(SSL *s) s2n(i, p); p += i; - /* COMPRESSION */ -#ifdef OPENSSL_NO_COMP + /* add in (no) COMPRESSION */ *(p++) = 1; -#else - - if ((s->options & SSL_OP_NO_COMPRESSION) || - !s->ctx->comp_methods) - j = 0; - else - j = sk_SSL_COMP_num(s->ctx->comp_methods); - *(p++) = 1 + j; - for (i = 0; i < j; i++) { - comp = sk_SSL_COMP_value(s->ctx->comp_methods, i); - *(p++) = comp->id; - } -#endif *(p++) = 0; /* Add the NULL method */ /* TLS extensions*/ @@ -809,9 +782,6 @@ ssl3_get_server_hello(SSL *s) int i, al, ok; unsigned int j; long n; -#ifndef OPENSSL_NO_COMP - SSL_COMP *comp; -#endif n = s->method->ssl_get_message(s, SSL3_ST_CR_SRVR_HELLO_A, SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, /* ?? */ &ok); @@ -963,50 +933,12 @@ ssl3_get_server_hello(SSL *s) } /* lets get the compression algorithm */ /* COMPRESSION */ -#ifdef OPENSSL_NO_COMP if (*(p++) != 0) { al = SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); goto f_err; } - /* - * If compression is disabled we'd better not try to resume a session - * using compression. - */ - if (s->session->compress_meth != 0) { - al = SSL_AD_INTERNAL_ERROR; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_INCONSISTENT_COMPRESSION); - goto f_err; - } -#else - j= *(p++); - if (s->hit && j != s->session->compress_meth) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED); - goto f_err; - } - if (j == 0) - comp = NULL; - else if (s->options & SSL_OP_NO_COMPRESSION) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_COMPRESSION_DISABLED); - goto f_err; - } else - comp = ssl3_comp_find(s->ctx->comp_methods, j); - - if ((j != 0) && (comp == NULL)) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); - goto f_err; - } else { - s->s3->tmp.new_compression = comp; - } -#endif /* TLS extensions*/ if (s->version >= SSL3_VERSION) { |