drop some no-longer-relevant TODO(TLS1.3) entries

We prevent compression both when the server is parsing the ClientHello and when the client is constructing the ClientHello. A 1.3 ServerHello has no way to hand us back a compression method, and we already check that the server does not try to give us back a compression method that we did not request, so these checks seem sufficient. Weaken the INSTALL note slightly, as we do now expect to interoperate with other implementations. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3131)
author: Benjamin Kaduk <bkaduk@akamai.com> 2017-03-23 11:00:08 -0500
committer: Matt Caswell <matt@openssl.org> 2017-06-12 09:19:05 +0100
commit: cf34d54d82c1e51d018e81a95ea4a70598070eb3 (patch)
tree: 70e90ac10b215dc138e274964a148fb4ec7e031e /ssl/record
parent: 5c718b9e46f6bbe5381556dbcfdd40ba2d65df77 (diff)
1 files changed, 0 insertions, 3 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 0c40905edb..68c427e928 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -841,9 +841,6 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 
         /* first we compress */
         if (s->compress != NULL) {
-            /*
-             * TODO(TLS1.3): Make sure we prevent compression!!!
-             */
             if (!ssl3_do_compress(s, thiswr)
                     || !WPACKET_allocate_bytes(thispkt, thiswr->length, NULL)) {
                 SSLerr(SSL_F_DO_SSL3_WRITE, SSL_R_COMPRESSION_FAILURE);
author	Benjamin Kaduk <bkaduk@akamai.com>	2017-03-23 11:00:08 -0500
committer	Matt Caswell <matt@openssl.org>	2017-06-12 09:19:05 +0100
commit	cf34d54d82c1e51d018e81a95ea4a70598070eb3 (patch)
tree	70e90ac10b215dc138e274964a148fb4ec7e031e /ssl/record
parent	5c718b9e46f6bbe5381556dbcfdd40ba2d65df77 (diff)