diff options
author | Matt Caswell <matt@openssl.org> | 2015-02-05 17:13:46 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-02-26 23:22:46 +0000 |
commit | 7a4dadc3a6a487db92619622b820eb4f7be512c9 (patch) | |
tree | 7f8a5a041266e8781afbb537a60c44700b75f8f6 /ssl/s3_srvr.c | |
parent | f7812493a0da6b740274135ce340ff7505027057 (diff) |
Removed support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG. Also removed
the "-hack" option from s_server that set this option.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r-- | ssl/s3_srvr.c | 25 |
1 files changed, 1 insertions, 24 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 8819fed777..6adf4dc2a0 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -148,7 +148,6 @@ * OTHERWISE. */ -#define REUSE_CIPHER_BUG #define NETSCAPE_HANG_BUG #include <stdio.h> @@ -1384,29 +1383,7 @@ int ssl3_get_client_hello(SSL *s) s->tlsext_ticket_expected = 0; } else { /* Session-id reuse */ -#ifdef REUSE_CIPHER_BUG - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *nc = NULL; - SSL_CIPHER *ec = NULL; - - if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG) { - sk = s->session->ciphers; - for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { - c = sk_SSL_CIPHER_value(sk, i); - if (c->algorithm_enc & SSL_eNULL) - nc = c; - if (SSL_C_IS_EXPORT(c)) - ec = c; - } - if (nc != NULL) - s->s3->tmp.new_cipher = nc; - else if (ec != NULL) - s->s3->tmp.new_cipher = ec; - else - s->s3->tmp.new_cipher = s->session->cipher; - } else -#endif - s->s3->tmp.new_cipher = s->session->cipher; + s->s3->tmp.new_cipher = s->session->cipher; } if (!SSL_USE_SIGALGS(s) || !(s->verify_mode & SSL_VERIFY_PEER)) { |