Remove NETSCAPE_HANG_BUG

NETSCAPE_HANG_BUG is a workaround for a browser bug from many years ago (2000). It predates DTLS, so certainly has no place in d1_srvr.c. In s3_srvr.c it forces the ServerDone to appear in the same record as the CertificateRequest when doing client auth. BoringSSL have already made the same commit: 79ae85e4f777f94d91b7be19e8a62016cb55b3c5 Reviewed-by: Tim Hudson <tjh@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-02-25 23:28:24 +0000
committer: Matt Caswell <matt@openssl.org> 2015-02-26 23:27:09 +0000
commit: cf61ef75be301d41696b6b45ce992562058c350a (patch)
tree: 3d81b95d28aebecb10fa90033fa362837a910d20 /ssl
parent: 7a4dadc3a6a487db92619622b820eb4f7be512c9 (diff)
2 files changed, 0 insertions, 33 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index c5a59249dd..bcf63e016b 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -556,7 +556,6 @@ int dtls1_accept(SSL *s)
                 ret = ssl3_send_certificate_request(s);
                 if (ret <= 0)
                     goto end;
-#ifndef NETSCAPE_HANG_BUG
                 s->state = SSL3_ST_SW_SRVR_DONE_A;
 # ifndef OPENSSL_NO_SCTP
                 if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
@@ -564,16 +563,6 @@ int dtls1_accept(SSL *s)
                     s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
                 }
 # endif
-#else
-                s->state = SSL3_ST_SW_FLUSH;
-                s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-# ifndef OPENSSL_NO_SCTP
-                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                    s->d1->next_state = s->s3->tmp.next_state;
-                    s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
-                }
-# endif
-#endif
                 s->init_num = 0;
             }
             break;
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 6adf4dc2a0..48dee1016c 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -148,7 +148,6 @@
  * OTHERWISE.
  */
 
-#define NETSCAPE_HANG_BUG
 
 #include <stdio.h>
 #include "ssl_locl.h"
@@ -541,12 +540,7 @@ int ssl3_accept(SSL *s)
                 ret = ssl3_send_certificate_request(s);
                 if (ret <= 0)
                     goto end;
-#ifndef NETSCAPE_HANG_BUG
                 s->state = SSL3_ST_SW_SRVR_DONE_A;
-#else
-                s->state = SSL3_ST_SW_FLUSH;
-                s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-#endif
                 s->init_num = 0;
             }
             break;
@@ -2045,22 +2039,6 @@ int ssl3_send_certificate_request(SSL *s)
 
         ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_REQUEST, n);
 
-#ifdef NETSCAPE_HANG_BUG
-        if (!SSL_IS_DTLS(s)) {
-            if (!BUF_MEM_grow_clean(buf, s->init_num + 4)) {
-                SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST, ERR_R_BUF_LIB);
-                goto err;
-            }
-            p = (unsigned char *)s->init_buf->data + s->init_num;
-            /* do the header */
-            *(p++) = SSL3_MT_SERVER_DONE;
-            *(p++) = 0;
-            *(p++) = 0;
-            *(p++) = 0;
-            s->init_num += 4;
-        }
-#endif
-
         s->state = SSL3_ST_SW_CERT_REQ_B;
     }
author	Matt Caswell <matt@openssl.org>	2015-02-25 23:28:24 +0000
committer	Matt Caswell <matt@openssl.org>	2015-02-26 23:27:09 +0000
commit	cf61ef75be301d41696b6b45ce992562058c350a (patch)
tree	3d81b95d28aebecb10fa90033fa362837a910d20 /ssl
parent	7a4dadc3a6a487db92619622b820eb4f7be512c9 (diff)