Nuke SSL_OP_CRYPTOPRO_TLSEXT_BUG.

This was a workaround for a server that needed to talk GOST to old/broken
CryptoPro clients. This has no impact on TLS clients that are using GOST.

ok bcook@ beck@ doug@

2 files changed, 4 insertions, 27 deletions

diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index e816dec83c..1a6f28911b 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.130 2017/08/10 17:18:38 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.131 2017/08/13 16:25:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -518,21 +518,15 @@ struct ssl_session_st {
 #define SSL_OP_NO_TLSv1_2                               0x08000000L
 #define SSL_OP_NO_TLSv1_1                               0x10000000L
 
-/* Make server add server-hello extension from early version of
- * cryptopro draft, when GOST ciphersuite is negotiated.
- * Required for interoperability with CryptoPro CSP 3.x
- */
-#define SSL_OP_CRYPTOPRO_TLSEXT_BUG                     0x80000000L
-
 /* SSL_OP_ALL: various bug workarounds that should be rather harmless. */
 #define SSL_OP_ALL \
     (SSL_OP_LEGACY_SERVER_CONNECT | \
-     SSL_OP_TLSEXT_PADDING | \
-     SSL_OP_CRYPTOPRO_TLSEXT_BUG)
+     SSL_OP_TLSEXT_PADDING)
 
 /* Obsolete flags kept for compatibility. No sane code should use them. */
 #define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        0x0
 #define SSL_OP_CISCO_ANYCONNECT                         0x0
+#define SSL_OP_CRYPTOPRO_TLSEXT_BUG                     0x0
 #define SSL_OP_EPHEMERAL_RSA                            0x0
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x0
 #define SSL_OP_MICROSOFT_SESS_ID_BUG                    0x0
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 405f08ed33..b8b54484ed 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.131 2017/08/12 23:38:12 beck Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.132 2017/08/13 16:25:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -812,23 +812,6 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
         }
 #endif
 
-        if (((S3I(s)->hs.new_cipher->id & 0xFFFF) == 0x80 ||
-            (S3I(s)->hs.new_cipher->id & 0xFFFF) == 0x81) &&
-            (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) {
-                static const unsigned char cryptopro_ext[36] = {
-                        0xfd, 0xe8, /*65000*/
-                        0x00, 0x20, /*32 bytes length*/
-                        0x30, 0x1e, 0x30, 0x08, 0x06, 0x06, 0x2a, 0x85,
-                        0x03, 0x02, 0x02, 0x09, 0x30, 0x08, 0x06, 0x06,
-                        0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08,
-                        0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17
-                };
-                if ((size_t)(limit - ret) < sizeof(cryptopro_ext))
-                        return NULL;
-                memcpy(ret, cryptopro_ext, sizeof(cryptopro_ext));
-                ret += sizeof(cryptopro_ext);
-        }
-
         if (S3I(s)->alpn_selected != NULL) {
                 const unsigned char *selected = S3I(s)->alpn_selected;
                 unsigned int len = S3I(s)->alpn_selected_len;