Remove "-immedate_renegotiation" option

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15415)
author: Rich Salz <rsalz@akamai.com> 2021-06-13 10:49:47 -0400
committer: Tomas Mraz <tomas@openssl.org> 2021-06-15 12:36:51 +0200
commit: 5bbe2134188a45a937e7aefd46b7eeee258d0ab8 (patch)
tree: 9c122ebcd8a8f15601669542458e112052e4c297 /apps
parent: f4752e88272933777dbdbda31d00b388fa5a8e2d (diff)
3 files changed, 1 insertions, 12 deletions
diff --git a/apps/include/opt.h b/apps/include/opt.h
index 951557974b..b77c5a52e5 100644
--- a/apps/include/opt.h
+++ b/apps/include/opt.h
@@ -162,7 +162,7 @@
         OPT_S_STRICT, OPT_S_SIGALGS, OPT_S_CLIENTSIGALGS, OPT_S_GROUPS, \
         OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, OPT_S_CIPHERSUITES, \
         OPT_S_RECORD_PADDING, OPT_S_DEBUGBROKE, OPT_S_COMP, \
-        OPT_S_MINPROTO, OPT_S_MAXPROTO, OPT_S_IMMEDIATE_RENEG, \
+        OPT_S_MINPROTO, OPT_S_MAXPROTO, \
         OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S__LAST
 
 # define OPT_S_OPTIONS \
@@ -211,8 +211,6 @@
         {"ciphersuites", OPT_S_CIPHERSUITES, 's', "Specify TLSv1.3 ciphersuites to be used"}, \
         {"min_protocol", OPT_S_MINPROTO, 's', "Specify the minimum protocol version to be used"}, \
         {"max_protocol", OPT_S_MAXPROTO, 's', "Specify the maximum protocol version to be used"}, \
-        {"immediate_renegotiation", OPT_S_IMMEDIATE_RENEG, '-', \
-            "Immediately attempt renegotiation"}, \
         {"record_padding", OPT_S_RECORD_PADDING, 's', \
             "Block size to pad TLS 1.3 records to."}, \
         {"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \
diff --git a/apps/s_client.c b/apps/s_client.c
index ac9b08dfc2..3b9be0e8c2 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1047,9 +1047,6 @@ int s_client_main(int argc, char **argv)
         case OPT_BRIEF:
             c_brief = verify_args.quiet = c_quiet = 1;
             break;
-        case OPT_S_IMMEDIATE_RENEG:
-            /* Option ignored on client. */
-            break;
         case OPT_S_CASES:
             if (ssl_args == NULL)
                 ssl_args = sk_OPENSSL_STRING_new_null();
diff --git a/apps/s_server.c b/apps/s_server.c
index 009ac5a1eb..e32d25e800 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -78,7 +78,6 @@ static int accept_socket = -1;
 static int s_nbio = 0;
 static int s_nbio_test = 0;
 static int s_crlf = 0;
-static int immediate_reneg = 0;
 static SSL_CTX *ctx = NULL;
 static SSL_CTX *ctx2 = NULL;
 static int www = 0;
@@ -1270,9 +1269,6 @@ int s_server_main(int argc, char *argv[])
             if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &crl_format))
                 goto opthelp;
             break;
-        case OPT_S_IMMEDIATE_RENEG:
-            immediate_reneg = 1;
-            break;
         case OPT_S_CASES:
         case OPT_S_NUM_TICKETS:
         case OPT_ANTI_REPLAY:
@@ -2811,8 +2807,6 @@ static int init_ssl_connection(SSL *con)
     } else {
         do {
             i = SSL_accept(con);
-            if (immediate_reneg)
-                SSL_renegotiate(con);
 
             if (i <= 0)
                 retry = is_retryable(con, i);
author	Rich Salz <rsalz@akamai.com>	2021-06-13 10:49:47 -0400
committer	Tomas Mraz <tomas@openssl.org>	2021-06-15 12:36:51 +0200
commit	5bbe2134188a45a937e7aefd46b7eeee258d0ab8 (patch)
tree	9c122ebcd8a8f15601669542458e112052e4c297 /apps
parent	f4752e88272933777dbdbda31d00b388fa5a8e2d (diff)